lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20210316073439.GB49151@shbuild999.sh.intel.com>
Date:   Tue, 16 Mar 2021 15:34:39 +0800
From:   Feng Tang <feng.tang@...el.com>
To:     Borislav Petkov <bp@...en8.de>
Cc:     X86 ML <x86@...nel.org>, LKML <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH 1/2] tools/x86/kcpuid: Check last token too

On Mon, Mar 15, 2021 at 01:59:00PM +0100, Borislav Petkov wrote:
> From: Borislav Petkov <bp@...e.de>
> 
> Input lines like
> 
>   0x8000001E,     0, EAX,   31:0, Extended APIC ID
> 
> where the short name is missing lead to a segfault because the loop
> takes the long name for the short name and tokens[5] becomes NULL which
> explodes later in strcpy().
> 
> Check its value too before further processing.
 
Thanks for the fix!

Acked-by: Feng Tang <feng.tang@...el.com>

> Signed-off-by: Borislav Petkov <bp@...e.de>
> ---
>  tools/arch/x86/kcpuid/kcpuid.c | 2 ++
>  1 file changed, 2 insertions(+)
> 
> diff --git a/tools/arch/x86/kcpuid/kcpuid.c b/tools/arch/x86/kcpuid/kcpuid.c
> index 6048da34fcc6..dae75511fef7 100644
> --- a/tools/arch/x86/kcpuid/kcpuid.c
> +++ b/tools/arch/x86/kcpuid/kcpuid.c
> @@ -324,6 +324,8 @@ static int parse_line(char *line)
>  		str = NULL;
>  	}
>  	tokens[5] = strtok(str, "\n");
> +	if (!tokens[5])
> +		goto err_exit;
>  
>  	/* index/main-leaf */
>  	index = strtoull(tokens[0], NULL, 0);
> -- 
> 2.29.2

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ