| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 13 Aug 2020 14:58:11 -0400
From: Arvind Sankar <nivedita@...m.mit.edu>
To: Ard Biesheuvel <ardb@...nel.org>, linux-efi@...r.kernel.org
Cc: linux-kernel@...r.kernel.org
Subject: [PATCH 3/3] efi/libstub: Handle unterminated cmdline
Make the command line parsing more robust, by handling the case it is
not NUL-terminated.
Use strnlen instead of strlen, and make sure that the temporary copy is
NUL-terminated before parsing.
Signed-off-by: Arvind Sankar <nivedita@...m.mit.edu>
---
drivers/firmware/efi/libstub/efi-stub-helper.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/drivers/firmware/efi/libstub/efi-stub-helper.c b/drivers/firmware/efi/libstub/efi-stub-helper.c
index f53652a3a106..fe5103086e27 100644
--- a/drivers/firmware/efi/libstub/efi-stub-helper.c
+++ b/drivers/firmware/efi/libstub/efi-stub-helper.c
@@ -194,12 +194,14 @@ efi_status_t efi_parse_options(char const *cmdline)
if (!cmdline)
return EFI_SUCCESS;
- len = strlen(cmdline) + 1;
+ len = strnlen(cmdline, COMMAND_LINE_SIZE-1) + 1;
status = efi_bs_call(allocate_pool, EFI_LOADER_DATA, len, (void **)&buf);
if (status != EFI_SUCCESS)
return status;
- str = skip_spaces(memcpy(buf, cmdline, len));
+ memcpy(buf, cmdline, len-1);
+ buf[len-1] = '\0';
+ str = skip_spaces(buf);
while (*str) {
char *param, *val;
--
2.26.2
Powered by blists - more mailing lists