From: Masahiro Yamada <masahiroy@kernel.org>
To: linux-kbuild@vger.kernel.org
Cc: Masahiro Yamada <masahiroy@kernel.org>
Subject: [PATCH 24/37] modpost: fix potential mmap'ed file overrun in get_src_version()
Date: Mon,  1 Jun 2020 14:57:18 +0900
Message-ID: <20200601055731.3006266-24-masahiroy@kernel.org>
In-Reply-To: <20200601055731.3006266-1-masahiroy@kernel.org>

I do not know how reliably this function works, but it looks dangerous
to me.

    strchr(sources, '\n');

... continues searching until it finds '\n' or it reaches the '\0'
terminator. In other words, 'sources' should be a null-terminated
string.

However, grab_file() just mmaps a file, so 'sources' is not terminated
with null byte. If the file does not contain '\n' at all, strchr() will
go beyond the mmap'ed memory.

Use read_text_file(), which loads the file content into a malloc'ed
buffer, appending null byte.

Here we are interested only in the first line of *.mod files. Use
get_line() helper to get the first line.

This also makes missing *.mod file a fatal error.

Commit 4be40e22233c ("kbuild: do not emit src version warning for
non-modules") ignored missing *.mod files.

I do not fully understand what that commit addressed, but commit
91341d4b2c19 ("kbuild: introduce new option to enhance section mismatch
analysis") introduced partial section checks by using modpost. built-in.o
was parsed by modpost. Even modules had a problem because *.mod files
were created after the modpost check.

Commit b7dca6dd1e59 ("kbuild: create *.mod with full directory path and
remove MODVERDIR") stopped doing that. Now that modpost is only invoked
after the directory descend, *.mod files should always exist at the
modpost stage.

Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
---

 scripts/mod/sumversion.c | 28 +++++++++++-----------------
 1 file changed, 11 insertions(+), 17 deletions(-)

diff --git a/scripts/mod/sumversion.c b/scripts/mod/sumversion.c
index f27f22420cbc..5fb142db6195 100644
--- a/scripts/mod/sumversion.c
+++ b/scripts/mod/sumversion.c
@@ -392,40 +392,34 @@ static int parse_source_files(const char *objfile, struct md4_ctx *md)
 /* Calc and record src checksum. */
 void get_src_version(const char *modname, char sum[], unsigned sumlen)
 {
-	void *file;
-	unsigned long len;
+	char *buf, *pos, *firstline;
 	struct md4_ctx md;
-	char *sources, *end, *fname;
+	char *fname;
 	char filelist[PATH_MAX + 1];
 
 	/* objects for a module are listed in the first line of *.mod file. */
 	snprintf(filelist, sizeof(filelist), "%.*smod",
 		 (int)strlen(modname) - 1, modname);
 
-	file = grab_file(filelist, &len);
-	if (!file)
-		/* not a module or .mod file missing - ignore */
-		return;
+	buf = read_text_file(filelist);
 
-	sources = file;
-
-	end = strchr(sources, '\n');
-	if (!end) {
+	pos = buf;
+	firstline = get_line(&pos);
+	if (!firstline) {
 		warn("bad ending versions file for %s\n", modname);
-		goto release;
+		goto free;
 	}
-	*end = '\0';
 
 	md4_init(&md);
-	while ((fname = strsep(&sources, " ")) != NULL) {
+	while ((fname = strsep(&firstline, " "))) {
 		if (!*fname)
 			continue;
 		if (!(is_static_library(fname)) &&
 				!parse_source_files(fname, &md))
-			goto release;
+			goto free;
 	}
 
 	md4_final_ascii(&md, sum, sumlen);
-release:
-	release_file(file, len);
+free:
+	free(buf);
 }
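
Review bot: At "buf = read_text_file(filelist);" the result goes straight into get_line() with no NULL check, so these lines are only safe if read_text_file() never returns on failure. The commit message says a missing *.mod file is now fatal, but that behaviour lives inside the helper and is not visible in this hunk; a short comment at the call site saying the helper does not return on error (or an explicit check) would keep a later change to the helper from turning this into a NULL dereference. Separately, the "bad ending versions file for %s" warning described a missing '\n' in the old code; it now fires when get_line() yields no first line, so the text could say that instead. The label name "free:" is legal C but reads oddly directly above "free(buf);"; "free_buf:" would be clearer.
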
-- 
2.25.1
