lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Sat,  5 Aug 2023 11:57:09 +0200
From:   Yoann Congal <yoann.congal@...le.fr>
To:     Masahiro Yamada <masahiroy@...nel.org>,
        linux-kbuild@...r.kernel.org
Cc:     linux-kernel@...r.kernel.org, Yoann Congal <yoann.congal@...le.fr>
Subject: [PATCH v2] kconfig: avoid an infinite loop in oldconfig/syncconfig

Exit on error when asking for value that has an invalid default value
and stdin has reached EOF. This happens in particular for hex/int
configs without an explicit default value.

Previously, this case would loop:
* oldconfig prompts for the value but stdin has reached EOF
* It gets the global default value : an empty string
* This is not a valid hex/int value so it prompts again, hence the infinite loop.

This case happens with a configuration like this (a hex config without a
valid default value):
  config TEST_KCONFIG
       hex "Test KConfig"
       # default 0x0

And using:
  make oldconfig < /dev/null

This was discovered when working on Yocto bug[0] on a downstream
kconfig user (U-boot)

[0]: https://bugzilla.yoctoproject.org/show_bug.cgi?id=14136

Signed-off-by: Yoann Congal <yoann.congal@...le.fr>
---
v1->v2:
 * Improve coding style
 * Put more info in the commit message 

 scripts/kconfig/conf.c | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/scripts/kconfig/conf.c b/scripts/kconfig/conf.c
index 7cf63261d951c..8f32cbbce4805 100644
--- a/scripts/kconfig/conf.c
+++ b/scripts/kconfig/conf.c
@@ -377,8 +377,16 @@ static int conf_string(struct menu *menu)
 			line[strlen(line)-1] = 0;
 			def = line;
 		}
-		if (def && sym_set_string_value(sym, def))
+		if (def && sym_set_string_value(sym, def)) {
 			return 0;
+		} else {
+			if (feof(stdin) && !sym_string_valid(sym, sym_get_string_value(sym))) {
+				fprintf(stderr,
+					"Symbol %s has invalid default value and stdin reached EOF\n",
+					sym->name);
+				exit(1);
+			}
+		}
 	}
 }
 
-- 
2.30.2

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ