Re: [PATCH RFC] [5/9] modpost: Fix a buffer overflow in modpost
From: Sam Ravnborg
Date: Mon Dec 10 2007 - 14:30:32 EST
On Thu, Nov 22, 2007 at 03:43:10AM +0100, Andi Kleen wrote:
>
> When passing an file name > 1k the stack could be overflowed.
> Not really a security issue, but still better plugged.
Looks good. A s-o-b line again please.
Although I am not so happy with the ue of gcc extensions.
Sam
>
>
> ---
> scripts/mod/modpost.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> Index: linux/scripts/mod/modpost.c
> ===================================================================
> --- linux.orig/scripts/mod/modpost.c
> +++ linux/scripts/mod/modpost.c
> @@ -1656,7 +1656,6 @@ int main(int argc, char **argv)
> {
> struct module *mod;
> struct buffer buf = { };
> - char fname[SZ];
> char *kernel_read = NULL, *module_read = NULL;
> char *dump_write = NULL;
> int opt;
> @@ -1709,6 +1708,8 @@ int main(int argc, char **argv)
> err = 0;
>
> for (mod = modules; mod; mod = mod->next) {
> + char fname[strlen(mod->name) + 10];
> +
> if (mod->skip)
> continue;
>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/