| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <87o9vr4nm3.fsf@concordia.ellerman.id.au>
Date: Thu, 20 Apr 2017 16:08:52 +1000
From: Michael Ellerman <mpe@...erman.id.au>
To: "Naveen N. Rao" <naveen.n.rao@...ux.vnet.ibm.com>,
Ingo Molnar <mingo@...nel.org>
Cc: Ananth N Mavinakayanahalli <ananth@...ux.vnet.ibm.com>,
Masami Hiramatsu <mhiramat@...nel.org>,
linuxppc-dev@...ts.ozlabs.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v3 3/7] kprobes: validate the symbol name length
"Naveen N. Rao" <naveen.n.rao@...ux.vnet.ibm.com> writes:
> diff --git a/kernel/kprobes.c b/kernel/kprobes.c
> index 6a128f3a7ed1..bb86681c8a10 100644
> --- a/kernel/kprobes.c
> +++ b/kernel/kprobes.c
> @@ -1382,6 +1382,28 @@ bool within_kprobe_blacklist(unsigned long addr)
> return false;
> }
>
> +bool is_valid_kprobe_symbol_name(const char *name)
> +{
> + size_t sym_len;
> + char *s;
> +
> + s = strchr(name, ':');
> + if (s) {
> + sym_len = strnlen(s+1, KSYM_NAME_LEN);
> + if (sym_len <= 0 || sym_len >= KSYM_NAME_LEN)
> + return false;
> + sym_len = (size_t)(s - name);
> + if (sym_len <= 0 || sym_len >= MODULE_NAME_LEN)
> + return false;
> + } else {
> + sym_len = strnlen(name, MODULE_NAME_LEN);
> + if (sym_len <= 0 || sym_len >= MODULE_NAME_LEN)
> + return false;
> + }
I think this is probably more elaborate than it needs to be.
Why not just check the string is <= (MODULE_NAME_LEN + KSYM_NAME_LEN) ?
cheers
Powered by blists - more mailing lists