| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20241001090226.2784447-1-masahiroy@kernel.org>
Date: Tue, 1 Oct 2024 18:02:22 +0900
From: Masahiro Yamada <masahiroy@...nel.org>
To: linux-kbuild@...r.kernel.org
Cc: linux-kernel@...r.kernel.org,
Masahiro Yamada <masahiroy@...nel.org>,
Mauro Carvalho Chehab <mchehab+huawei@...nel.org>
Subject: [PATCH] kconfig: qconf: fix buffer overflow in debug links
If you enable the "Option -> Show Debug Info" and click a click, the
program terminates with the following error:
*** buffer overflow detected ***: terminated
The buffer overflow is caused by the following line:
strcat(data, "$");
The buffer needs one more byte to accommodate the additional character.
Fixes: c4f7398bee9c ("kconfig: qconf: make debug links work again")
Signed-off-by: Masahiro Yamada <masahiroy@...nel.org>
---
scripts/kconfig/qconf.cc | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/scripts/kconfig/qconf.cc b/scripts/kconfig/qconf.cc
index 7dba8014ead4..e260cab1c2af 100644
--- a/scripts/kconfig/qconf.cc
+++ b/scripts/kconfig/qconf.cc
@@ -1166,7 +1166,7 @@ void ConfigInfoView::clicked(const QUrl &url)
{
QByteArray str = url.toEncoded();
const std::size_t count = str.size();
- char *data = new char[count + 1];
+ char *data = new char[count + 2]; // '$' + '\0'
struct symbol **result;
struct menu *m = NULL;
--
2.43.0
Powered by blists - more mailing lists