lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAK7LNATCLscXNDZ1RUmbnM5BeV-tvKjz9kQB8eo0SNp10WbjFQ@mail.gmail.com>
Date:   Sun, 28 Jun 2020 14:51:04 +0900
From:   Masahiro Yamada <masahiroy@...nel.org>
To:     "H. Nikolaus Schaller" <hns@...delico.com>
Cc:     Michal Marek <michal.lkml@...kovi.net>,
        Linux Kbuild mailing list <linux-kbuild@...r.kernel.org>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        Discussions about the Letux Kernel 
        <letux-kernel@...nphoenux.org>
Subject: Re: [PATCH] modpost: remove use of non-standard strsep() in HOSTCC code

On Thu, Jun 25, 2020 at 5:47 PM H. Nikolaus Schaller <hns@...delico.com> wrote:
>
> strsep() is neither standard C nor POSIX and used outside
> the kernel code here. Using it here requires that the
> build host supports it out of the box which is e.g.
> not true for a Darwin build host and using a cross-compiler.
> This leads to:
>
> scripts/mod/modpost.c:145:2: warning: implicit declaration of function 'strsep' [-Wimplicit-function-declaration]
>   return strsep(stringp, "\n");
>   ^
>
> and a segfault when running MODPOST.
>
> See also: https://stackoverflow.com/a/7219504
>
> So let's add some lines of code separating the string at the
> next newline character instead of using strsep(). It does not
> hurt kernel size or speed since this code is run on the build host.
>
> Fixes: ac5100f5432967 ("modpost: add read_text_file() and get_line() helpers")
> Signed-off-by: H. Nikolaus Schaller <hns@...delico.com>
> ---
>  scripts/mod/modpost.c | 7 ++++++-
>  1 file changed, 6 insertions(+), 1 deletion(-)
>
> diff --git a/scripts/mod/modpost.c b/scripts/mod/modpost.c
> index 6aea65c65745..8fe63989c6e1 100644
> --- a/scripts/mod/modpost.c
> +++ b/scripts/mod/modpost.c
> @@ -138,11 +138,16 @@ char *read_text_file(const char *filename)
>
>  char *get_line(char **stringp)
>  {
> +       char *p;
>         /* do not return the unwanted extra line at EOF */
>         if (*stringp && **stringp == '\0')

This check does not make sense anymore.

Previously, get_line(NULL) returns NULL.

With your patch, get_line(NULL) crashes
due to NULL-pointer dereference.



>                 return NULL;
>
> -       return strsep(stringp, "\n");
> +       p = *stringp;
> +       while (**stringp != '\n')
> +               (*stringp)++;


Is this a safe conversion?

If the input file does not contain '\n' at all,
this while-loop continues running,
and results in the segmentation fault
due to buffer over-run.



> +       *(*stringp)++ = '\0';
> +       return p;
>  }



How about this?

char *get_line(char **stringp)
{
        char *orig = *stringp;
        char *next;

        /* do not return the unwanted extra line at EOF */
        if (!orig || *orig == '\0')
                return NULL;

        next = strchr(orig, '\n');
        if (next)
                *next++ = '\0';

        *stringp = next;

        return orig;
}




>  /* A list of all modules we processed */
> --
> 2.26.2
>


--
Best Regards
Masahiro Yamada

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ