lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Wed, 6 Oct 2021 00:37:54 +0900
From:   Masahiro Yamada <masahiroy@...nel.org>
To:     Linux Kbuild mailing list <linux-kbuild@...r.kernel.org>
Cc:     Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH 01/10] kconfig: remove 'const' from the return type of sym_escape_string_value()

On Fri, Oct 1, 2021 at 2:33 PM Masahiro Yamada <masahiroy@...nel.org> wrote:
>
> sym_escape_string_value() returns a malloc'ed memory, but as
> (const char *). So, it must be casted to (void *) when it is free'd.
> This is odd.
>
> The return type of sym_escape_string_value() should be (char *).
>
> I exploited that free(NULL) has no effect.
>
> Signed-off-by: Masahiro Yamada <masahiroy@...nel.org>
> ---


All applied to linux-kbuild.

I pushed 10/10 v3 to the for-next branch.


>
>  scripts/kconfig/conf.c      | 15 +++++++--------
>  scripts/kconfig/confdata.c  | 27 ++++++++++++++-------------
>  scripts/kconfig/lkc_proto.h |  2 +-
>  scripts/kconfig/symbol.c    |  3 ++-
>  4 files changed, 24 insertions(+), 23 deletions(-)
>
> diff --git a/scripts/kconfig/conf.c b/scripts/kconfig/conf.c
> index 5d84b44a2a2a..310fdd408793 100644
> --- a/scripts/kconfig/conf.c
> +++ b/scripts/kconfig/conf.c
> @@ -647,17 +647,16 @@ static void check_conf(struct menu *menu)
>                 switch (input_mode) {
>                 case listnewconfig:
>                         if (sym->name) {
> -                               const char *str;
> +                               const char *val = sym_get_string_value(sym);
> +                               char *escaped = NULL;
>
>                                 if (sym->type == S_STRING) {
> -                                       str = sym_get_string_value(sym);
> -                                       str = sym_escape_string_value(str);
> -                                       printf("%s%s=%s\n", CONFIG_, sym->name, str);
> -                                       free((void *)str);
> -                               } else {
> -                                       str = sym_get_string_value(sym);
> -                                       printf("%s%s=%s\n", CONFIG_, sym->name, str);
> +                                       escaped = sym_escape_string_value(val);
> +                                       val = escaped;
>                                 }
> +
> +                               printf("%s%s=%s\n", CONFIG_, sym->name, val);
> +                               free(escaped);
>                         }
>                         break;
>                 case helpnewconfig:
> diff --git a/scripts/kconfig/confdata.c b/scripts/kconfig/confdata.c
> index cf72680cd769..9b2271eb43d6 100644
> --- a/scripts/kconfig/confdata.c
> +++ b/scripts/kconfig/confdata.c
> @@ -728,21 +728,22 @@ static struct conf_printer header_printer_cb =
>  static void conf_write_symbol(FILE *fp, struct symbol *sym,
>                               struct conf_printer *printer, void *printer_arg)
>  {
> -       const char *str;
> +       const char *val;
> +       char *escaped = NULL;
>
> -       switch (sym->type) {
> -       case S_UNKNOWN:
> -               break;
> -       case S_STRING:
> -               str = sym_get_string_value(sym);
> -               str = sym_escape_string_value(str);
> -               printer->print_symbol(fp, sym, str, printer_arg);
> -               free((void *)str);
> -               break;
> -       default:
> -               str = sym_get_string_value(sym);
> -               printer->print_symbol(fp, sym, str, printer_arg);
> +       if (sym->type == S_UNKNOWN)
> +               return;
> +
> +       val = sym_get_string_value(sym);
> +
> +       if (sym->type == S_STRING) {
> +               escaped = sym_escape_string_value(val);
> +               val = escaped;
>         }
> +
> +       printer->print_symbol(fp, sym, val, printer_arg);
> +
> +       free(escaped);
>  }
>
>  static void
> diff --git a/scripts/kconfig/lkc_proto.h b/scripts/kconfig/lkc_proto.h
> index a11626bdc421..e6955df49973 100644
> --- a/scripts/kconfig/lkc_proto.h
> +++ b/scripts/kconfig/lkc_proto.h
> @@ -18,7 +18,7 @@ extern struct symbol * symbol_hash[SYMBOL_HASHSIZE];
>
>  struct symbol * sym_lookup(const char *name, int flags);
>  struct symbol * sym_find(const char *name);
> -const char * sym_escape_string_value(const char *in);
> +char *sym_escape_string_value(const char *in);
>  struct symbol ** sym_re_search(const char *pattern);
>  const char * sym_type_name(enum symbol_type type);
>  void sym_calc_value(struct symbol *sym);
> diff --git a/scripts/kconfig/symbol.c b/scripts/kconfig/symbol.c
> index 5844d636d38f..6bf8665a6a0f 100644
> --- a/scripts/kconfig/symbol.c
> +++ b/scripts/kconfig/symbol.c
> @@ -871,7 +871,8 @@ struct symbol *sym_find(const char *name)
>         return symbol;
>  }
>
> -const char *sym_escape_string_value(const char *in)
> +/* The returned pointer must be freed on the caller side */
> +char *sym_escape_string_value(const char *in)
>  {
>         const char *p;
>         size_t reslen;
> --
> 2.30.2
>


-- 
Best Regards
Masahiro Yamada

Powered by blists - more mailing lists