| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20071210193202.GC17315@uranus.ravnborg.org>
Date: Mon, 10 Dec 2007 20:32:02 +0100
From: Sam Ravnborg <sam@...nborg.org>
To: Andi Kleen <ak@...e.de>
Cc: netdev@...r.kernel.org, linux-kernel@...r.kernel.org,
rusty@...tcorp.com.au
Subject: Re: [PATCH RFC] [5/9] modpost: Fix a buffer overflow in modpost
On Thu, Nov 22, 2007 at 03:43:10AM +0100, Andi Kleen wrote:
>
> When passing an file name > 1k the stack could be overflowed.
> Not really a security issue, but still better plugged.
Looks good. A s-o-b line again please.
Although I am not so happy with the ue of gcc extensions.
Sam
>
>
> ---
> scripts/mod/modpost.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> Index: linux/scripts/mod/modpost.c
> ===================================================================
> --- linux.orig/scripts/mod/modpost.c
> +++ linux/scripts/mod/modpost.c
> @@ -1656,7 +1656,6 @@ int main(int argc, char **argv)
> {
> struct module *mod;
> struct buffer buf = { };
> - char fname[SZ];
> char *kernel_read = NULL, *module_read = NULL;
> char *dump_write = NULL;
> int opt;
> @@ -1709,6 +1708,8 @@ int main(int argc, char **argv)
> err = 0;
>
> for (mod = modules; mod; mod = mod->next) {
> + char fname[strlen(mod->name) + 10];
> +
> if (mod->skip)
> continue;
>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists