| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20231118075912.1303509-1-masahiroy@kernel.org>
Date: Sat, 18 Nov 2023 16:59:07 +0900
From: Masahiro Yamada <masahiroy@...nel.org>
To: linux-kbuild@...r.kernel.org
Cc: linux-kernel@...r.kernel.org,
Masahiro Yamada <masahiroy@...nel.org>
Subject: [PATCH 1/6] kconfig: require a space after '#' for valid input
Currently, when an input line starts with '#', (line + 2) is passed to
memcmp() without checking line[1].
It means that line[1] can be any arbitrary character. For example,
"#KCONFIG_FOO is not set" is accepted as valid input, functioning the
same as "# CONFIG_FOO is not set".
More importantly, this can potentially lead to a buffer overrun if
line[1] == '\0'. It occurs if the input only contains '#', as
(line + 2) points to an uninitialized buffer.
Check line[1], and skip the line if it is not a space.
Signed-off-by: Masahiro Yamada <masahiroy@...nel.org>
---
scripts/kconfig/confdata.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/scripts/kconfig/confdata.c b/scripts/kconfig/confdata.c
index 2ba4dfdd1aee..556b7f087dbb 100644
--- a/scripts/kconfig/confdata.c
+++ b/scripts/kconfig/confdata.c
@@ -426,6 +426,8 @@ int conf_read_simple(const char *name, int def)
conf_lineno++;
sym = NULL;
if (line[0] == '#') {
+ if (line[1] != ' ')
+ continue;
if (memcmp(line + 2, CONFIG_, strlen(CONFIG_)))
continue;
p = strchr(line + 2 + strlen(CONFIG_), ' ');
--
2.40.1
Powered by blists - more mailing lists