| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 13 Apr 2023 12:17:57 -0700
From: Florian Fainelli <f.fainelli@...il.com>
To: linux-kernel@...r.kernel.org
Cc: corbet@....net, Florian Fainelli <f.fainelli@...il.com>,
Luis Chamberlain <mcgrof@...nel.org>,
Russ Weight <russell.h.weight@...el.com>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
"Rafael J. Wysocki" <rafael@...nel.org>
Subject: [PATCH] firmware_loader: Strip off \n from customized path
Having helped an user recently figure out why the customized path being
specified was not taken into account landed on a subtle difference
between using:
echo "/xyz/firmware" > /sys/module/firmware_class/parameters/path
which inserts an additional newline which is passed as is down to
fw_get_filesystem_firmware() and ultimately kernel_read_file_from_path()
and fails.
Strip off \n from the customized firmware path such that users do not
run into these hard to debug situations.
Link: https://lore.kernel.org/all/20230402135423.3235-1-f.fainelli@gmail.com/
Signed-off-by: Florian Fainelli <f.fainelli@...il.com>
---
drivers/base/firmware_loader/main.c | 17 +++++++++++++----
1 file changed, 13 insertions(+), 4 deletions(-)
diff --git a/drivers/base/firmware_loader/main.c b/drivers/base/firmware_loader/main.c
index 017c4cdb219e..10b7d8fc5d07 100644
--- a/drivers/base/firmware_loader/main.c
+++ b/drivers/base/firmware_loader/main.c
@@ -493,9 +493,9 @@ fw_get_filesystem_firmware(struct device *device, struct fw_priv *fw_priv,
const void *in_buffer))
{
size_t size;
- int i, len;
+ int i, len, maxlen = 0;
int rc = -ENOENT;
- char *path;
+ char *path, *nt = NULL;
size_t msize = INT_MAX;
void *buffer = NULL;
@@ -518,8 +518,17 @@ fw_get_filesystem_firmware(struct device *device, struct fw_priv *fw_priv,
if (!fw_path[i][0])
continue;
- len = snprintf(path, PATH_MAX, "%s/%s%s",
- fw_path[i], fw_priv->fw_name, suffix);
+ /* strip off \n from customized path */
+ maxlen = strlen(fw_path[i]);
+ if (i == 0) {
+ nt = strchr(fw_path[i], '\n');
+ if (nt)
+ maxlen = nt - fw_path[i];
+ }
+
+ len = snprintf(path, PATH_MAX, "%.*s/%s%s",
+ maxlen, fw_path[i],
+ fw_priv->fw_name, suffix);
if (len >= PATH_MAX) {
rc = -ENAMETOOLONG;
break;
--
2.34.1
Powered by blists - more mailing lists