[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20210316073439.GB49151@shbuild999.sh.intel.com>
Date: Tue, 16 Mar 2021 15:34:39 +0800
From: Feng Tang <feng.tang@...el.com>
To: Borislav Petkov <bp@...en8.de>
Cc: X86 ML <x86@...nel.org>, LKML <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH 1/2] tools/x86/kcpuid: Check last token too
On Mon, Mar 15, 2021 at 01:59:00PM +0100, Borislav Petkov wrote:
> From: Borislav Petkov <bp@...e.de>
>
> Input lines like
>
> 0x8000001E, 0, EAX, 31:0, Extended APIC ID
>
> where the short name is missing lead to a segfault because the loop
> takes the long name for the short name and tokens[5] becomes NULL which
> explodes later in strcpy().
>
> Check its value too before further processing.
Thanks for the fix!
Acked-by: Feng Tang <feng.tang@...el.com>
> Signed-off-by: Borislav Petkov <bp@...e.de>
> ---
> tools/arch/x86/kcpuid/kcpuid.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/tools/arch/x86/kcpuid/kcpuid.c b/tools/arch/x86/kcpuid/kcpuid.c
> index 6048da34fcc6..dae75511fef7 100644
> --- a/tools/arch/x86/kcpuid/kcpuid.c
> +++ b/tools/arch/x86/kcpuid/kcpuid.c
> @@ -324,6 +324,8 @@ static int parse_line(char *line)
> str = NULL;
> }
> tokens[5] = strtok(str, "\n");
> + if (!tokens[5])
> + goto err_exit;
>
> /* index/main-leaf */
> index = strtoull(tokens[0], NULL, 0);
> --
> 2.29.2
Powered by blists - more mailing lists