| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 5 May 2022 16:46:33 -0700
From: Kees Cook <keescook@...omium.org>
To: Miguel Ojeda <ojeda@...nel.org>
Cc: Masahiro Yamada <masahiroy@...nel.org>,
Changbin Du <changbin.du@...el.com>,
Nick Desaulniers <ndesaulniers@...gle.com>,
Nathan Chancellor <nathan@...nel.org>,
linux-kernel@...r.kernel.org, rust-for-linux@...r.kernel.org,
Boqun Feng <boqun.feng@...il.com>
Subject: Re: [PATCH v1 1/3] kallsyms: avoid hardcoding the buffer size
On Thu, May 05, 2022 at 09:16:43PM +0200, Miguel Ojeda wrote:
> From: Boqun Feng <boqun.feng@...il.com>
>
> This makes it easier to update the size later on.
>
> Furthermore, a static assert is added to ensure both are updated
> when that happens. The relationship used is one that keeps the new
> size (512+1) close to the original buffer size (500).
>
> Signed-off-by: Boqun Feng <boqun.feng@...il.com>
> Co-developed-by: Miguel Ojeda <ojeda@...nel.org>
> Signed-off-by: Miguel Ojeda <ojeda@...nel.org>
> ---
> scripts/kallsyms.c | 16 +++++++++++++---
> 1 file changed, 13 insertions(+), 3 deletions(-)
>
> diff --git a/scripts/kallsyms.c b/scripts/kallsyms.c
> index 8caabddf817c..880c4404731b 100644
> --- a/scripts/kallsyms.c
> +++ b/scripts/kallsyms.c
> @@ -27,8 +27,18 @@
>
> #define ARRAY_SIZE(arr) (sizeof(arr) / sizeof(arr[0]))
>
> +#define _stringify_1(x) #x
> +#define _stringify(x) _stringify_1(x)
> +
> #define KSYM_NAME_LEN 128
>
> +/* A substantially bigger size than the current maximum. */
> +#define KSYM_NAME_LEN_BUFFER 512
> +_Static_assert(
> + KSYM_NAME_LEN_BUFFER == KSYM_NAME_LEN * 4,
> + "Please keep KSYM_NAME_LEN_BUFFER in sync with KSYM_NAME_LEN"
> +);
> +
> struct sym_entry {
> unsigned long long addr;
> unsigned int len;
> @@ -197,15 +207,15 @@ static void check_symbol_range(const char *sym, unsigned long long addr,
>
> static struct sym_entry *read_symbol(FILE *in)
> {
> - char name[500], type;
> + char name[KSYM_NAME_LEN_BUFFER+1], type;
> unsigned long long addr;
> unsigned int len;
> struct sym_entry *sym;
> int rc;
>
> - rc = fscanf(in, "%llx %c %499s\n", &addr, &type, name);
> + rc = fscanf(in, "%llx %c %" _stringify(KSYM_NAME_LEN_BUFFER) "s\n", &addr, &type, name);
> if (rc != 3) {
> - if (rc != EOF && fgets(name, 500, in) == NULL)
> + if (rc != EOF && fgets(name, KSYM_NAME_LEN_BUFFER + 1, in) == NULL)
No need to repeat the sizing:
fgets(name, sizeof(name), in)
> fprintf(stderr, "Read error or end of file.\n");
> return NULL;
> }
> --
> 2.35.3
>
Reviewed-by: Kees Cook <keescook@...omium.org>
--
Kees Cook
Powered by blists - more mailing lists