| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20170628150037.3809-1-glider@google.com>
Date: Wed, 28 Jun 2017 17:00:37 +0200
From: Alexander Potapenko <glider@...gle.com>
To: dvyukov@...gle.com, kcc@...gle.com, davem@...emloft.net,
akpm@...ux-foundation.org
Cc: linux-kernel@...r.kernel.org
Subject: [PATCH] sysctl: don't read uninit memory in deprecated_sysctl_warning()
Don't attempt to read the first two elements of name[] unless they
were actually copied from the userspace.
This bug has been detected by KMSAN.
Signed-off-by: Alexander Potapenko <glider@...gle.com>
---
kernel/sysctl_binary.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/kernel/sysctl_binary.c b/kernel/sysctl_binary.c
index ece4b177052b..38d6ba22a209 100644
--- a/kernel/sysctl_binary.c
+++ b/kernel/sysctl_binary.c
@@ -1346,7 +1346,7 @@ static void deprecated_sysctl_warning(const int *name, int nlen)
* CTL_KERN/KERN_VERSION is used by older glibc and cannot
* ever go away.
*/
- if (name[0] == CTL_KERN && name[1] == KERN_VERSION)
+ if (nlen >= 2 && name[0] == CTL_KERN && name[1] == KERN_VERSION)
return;
if (printk_ratelimit()) {
--
2.13.2.725.g09c95d1e9-goog
Powered by blists - more mailing lists