[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <1303580576.4815.3.camel@localhost>
Date: Sat, 23 Apr 2011 18:42:56 +0100
From: Ben Hutchings <ben@...adent.org.uk>
To: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: LKML <linux-kernel@...r.kernel.org>, linux-kbuild@...r.kernel.org,
Roman Zippel <zippel@...ux-m68k.org>
Subject: [PATCH] kconfig: Avoid buffer underrun in choice input
commit 40aee729b350672c2550640622416a855e27938f ('kconfig: fix default
value for choice input') fixed some cases where kconfig would select
the wrong option from a choice with a single valid option and thus
enter an infinite loop.
However, this broke the test for user input of the form 'N?', because
when kconfig selects the single valid option the input is zero-length
and the test will read the byte before the input buffer. If this
happens to contain '?' (as it will in a mips build on Debian unstable
today) then kconfig again enters an infinite loop.
Signed-off-by: Ben Hutchings <ben@...adent.org.uk>
Cc: stable@...nel.org [2.6.17+]
---
Roman has failed to respond to this after 5 weeks and one reminder, so
please take it directly.
Ben.
scripts/kconfig/conf.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/scripts/kconfig/conf.c b/scripts/kconfig/conf.c
index 659326c..006ad81 100644
--- a/scripts/kconfig/conf.c
+++ b/scripts/kconfig/conf.c
@@ -332,7 +332,7 @@ static int conf_choice(struct menu *menu)
}
if (!child)
continue;
- if (line[strlen(line) - 1] == '?') {
+ if (line[0] && line[strlen(line) - 1] == '?') {
print_help(child);
continue;
}
--
1.7.4.1
Download attachment "signature.asc" of type "application/pgp-signature" (829 bytes)
Powered by blists - more mailing lists