[PATCH 1/2] tools/x86/kcpuid: Check last token too

From: Borislav Petkov
Date: Mon Mar 15 2021 - 08:59:44 EST

Next message: Borislav Petkov: "[PATCH 2/2] tools/x86/kcpuid: Add AMD leaf 0x8000001E"
Previous message: Cyrill Gorcunov: "Re: [PATCH] prctl: fix PR_SET_MM_AUXV kernel stack leak"
Next in thread: Borislav Petkov: "[PATCH 2/2] tools/x86/kcpuid: Add AMD leaf 0x8000001E"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Borislav Petkov <bp@xxxxxxx>

Input lines like

0x8000001E, 0, EAX, 31:0, Extended APIC ID

where the short name is missing lead to a segfault because the loop
takes the long name for the short name and tokens[5] becomes NULL which
explodes later in strcpy().

Check its value too before further processing.

Signed-off-by: Borislav Petkov <bp@xxxxxxx>
---
tools/arch/x86/kcpuid/kcpuid.c | 2 ++
1 file changed, 2 insertions(+)

diff --git a/tools/arch/x86/kcpuid/kcpuid.c b/tools/arch/x86/kcpuid/kcpuid.c
index 6048da34fcc6..dae75511fef7 100644
--- a/tools/arch/x86/kcpuid/kcpuid.c
+++ b/tools/arch/x86/kcpuid/kcpuid.c
@@ -324,6 +324,8 @@ static int parse_line(char *line)
str = NULL;
}
tokens[5] = strtok(str, "\n");
+ if (!tokens[5])
+ goto err_exit;

/* index/main-leaf */
index = strtoull(tokens[0], NULL, 0);
--
2.29.2

Next message: Borislav Petkov: "[PATCH 2/2] tools/x86/kcpuid: Add AMD leaf 0x8000001E"
Previous message: Cyrill Gorcunov: "Re: [PATCH] prctl: fix PR_SET_MM_AUXV kernel stack leak"
Next in thread: Borislav Petkov: "[PATCH 2/2] tools/x86/kcpuid: Add AMD leaf 0x8000001E"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]