lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date:   Wed, 06 Mar 2019 20:11:42 +0300
From:   Konstantin Khlebnikov <khlebnikov@...dex-team.ru>
To:     Tejun Heo <tj@...nel.org>,
        "Peter Zijlstra \(Intel\)" <peterz@...radead.org>,
        linux-kernel@...r.kernel.org
Cc:     cgroups@...r.kernel.org, Li Zefan <lizefan@...wei.com>,
        Ingo Molnar <mingo@...hat.com>,
        Johannes Weiner <hannes@...xchg.org>
Subject: [PATCH] sched/core: fix buffer overflow in cgroup2 property cpu.max

Add limit into sscanf format string for on-stack buffer.

Fixes: 0d5936344f30 ("sched: Implement interface for cgroup unified hierarchy")
Signed-off-by: Konstantin Khlebnikov <khlebnikov@...dex-team.ru>
---
 kernel/sched/core.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kernel/sched/core.c b/kernel/sched/core.c
index 43f44539b88f..3971bc62521d 100644
--- a/kernel/sched/core.c
+++ b/kernel/sched/core.c
@@ -6968,7 +6968,7 @@ static int __maybe_unused cpu_period_quota_parse(char *buf,
 {
 	char tok[21];	/* U64_MAX */
 
-	if (!sscanf(buf, "%s %llu", tok, periodp))
+	if (sscanf(buf, "%20s %llu", tok, periodp) < 1)
 		return -EINVAL;
 
 	*periodp *= NSEC_PER_USEC;

Powered by blists - more mailing lists