Date:   Sun,  8 Oct 2017 19:11:20 +0200
From:   Ulf Magnusson <ulfalizer@...il.com>
To:     yann.morin.1998@...e.fr, linux-kbuild@...r.kernel.org
Cc:     sam@...nborg.org, zippel@...ux-m68k.org, nicolas.pitre@...aro.org,
        michal.lkml@...kovi.net, dirk@...ders.net,
        yamada.masahiro@...ionext.com, lacombar@...il.com,
        walch.martin@....de, JBeulich@...e.com,
        linux-kernel@...r.kernel.org, Ulf Magnusson <ulfalizer@...il.com>
Subject: [PATCH 3/6] kconfig: Don't leak 'option' arguments during parsing

The following strings would leak before this change:

	- option env="LEAKED"
	- option defconfig_list="LEAKED"

These come in the form of T_WORD tokens and are always allocated on the
heap in zconf.l. Free them.

Summary from Valgrind on 'menuconfig' (ARCH=x86) before the fix:

	LEAK SUMMARY:
	   definitely lost: 344,616 bytes in 14,355 blocks
	   ...

Summary after the fix:

	LEAK SUMMARY:
	   definitely lost: 344,568 bytes in 14,352 blocks
	   ...

Signed-off-by: Ulf Magnusson <ulfalizer@...il.com>
---
 scripts/kconfig/zconf.y | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/scripts/kconfig/zconf.y b/scripts/kconfig/zconf.y
index a770117..ea6ae16 100644
--- a/scripts/kconfig/zconf.y
+++ b/scripts/kconfig/zconf.y
@@ -236,8 +236,10 @@ symbol_option_list:
 	| symbol_option_list T_WORD symbol_option_arg
 {
 	const struct kconf_id *id = kconf_id_lookup($2, strlen($2));
-	if (id && id->flags & TF_OPTION)
+	if (id && id->flags & TF_OPTION) {
 		menu_add_option(id->token, $3);
+		free($3);
+	}
 	else
 		zconfprint("warning: ignoring unknown option %s", $2);
 	free($2);
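
Review bot: free($3) is added only inside the TF_OPTION branch, so on the else path (the "ignoring unknown option" warning) any argument held in $3 is still not released, while free($2) runs on both paths. Consider moving free($3) down next to the unconditional free($2) after the if/else; if $3 can be NULL there, free(NULL) is a no-op, so no extra check is needed. The free is also only correct if menu_add_option() does not keep the pointer it receives as $3, which cannot be confirmed from this hunk, so a sentence in the commit message or a short comment stating that it copies or only reads the string would help. Style point: now that the if branch has braces, kernel coding style expects "} else {" with braces on the else branch as well, rather than "}" followed by a bare "else" on the next line.
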
-- 
2.7.4
