* [PATCH 0/2] harden libkmod-builtin with wrong modules.builtin.modinfo [not found] <CGME20210413112018epcas1p15c2cb9693086133c145845030df145ef@epcas1p1.samsung.com> @ 2021-04-13 11:23 ` Seung-Woo Kim [not found] ` <CGME20210413112018epcas1p4e7e6b23060a83694867b07a1f1afc200@epcas1p4.samsung.com> ` (2 more replies) 0 siblings, 3 replies; 4+ messages in thread From: Seung-Woo Kim @ 2021-04-13 11:23 UTC (permalink / raw) To: linux-modules, lucas.de.marchi; +Cc: gladkov.alexey, sw0312.kim, sungguk.na The wrong data in modules.builtin.modinfo can cause overflow or double free from modinfo with libkmod-builtin. Fix the error cases with strict checking. Seung-Woo Kim (2): libkmod: fix an overflow with wrong modules.builtin.modinfo libkmod: fix possible double free with wrong modules.builtin.modinfo libkmod/libkmod-builtin.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) -- 2.19.2 ^ permalink raw reply [flat|nested] 4+ messages in thread
[parent not found: <CGME20210413112018epcas1p4e7e6b23060a83694867b07a1f1afc200@epcas1p4.samsung.com>]
* [PATCH 1/2] libkmod: fix an overflow with wrong modules.builtin.modinfo [not found] ` <CGME20210413112018epcas1p4e7e6b23060a83694867b07a1f1afc200@epcas1p4.samsung.com> @ 2021-04-13 11:23 ` Seung-Woo Kim 0 siblings, 0 replies; 4+ messages in thread From: Seung-Woo Kim @ 2021-04-13 11:23 UTC (permalink / raw) To: linux-modules, lucas.de.marchi; +Cc: gladkov.alexey, sw0312.kim, sungguk.na Fix a possbile overflow with exact PATH_MAX length modname in wrong modules.builtin.modinfo. Signed-off-by: Seung-Woo Kim <sw0312.kim@samsung.com> --- libkmod/libkmod-builtin.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libkmod/libkmod-builtin.c b/libkmod/libkmod-builtin.c index fc9a37644261..a75a542f6942 100644 --- a/libkmod/libkmod-builtin.c +++ b/libkmod/libkmod-builtin.c @@ -246,7 +246,7 @@ bool kmod_builtin_iter_get_modname(struct kmod_builtin_iter *iter, len = dot - line; - if (len > PATH_MAX) { + if (len >= PATH_MAX) { sv_errno = ENAMETOOLONG; goto fail; } -- 2.19.2 ^ permalink raw reply related [flat|nested] 4+ messages in thread
[parent not found: <CGME20210413112019epcas1p22c64b861d296333a64c348020c7ca20e@epcas1p2.samsung.com>]
* [PATCH 2/2] libkmod: fix possible double free with wrong modules.builtin.modinfo [not found] ` <CGME20210413112019epcas1p22c64b861d296333a64c348020c7ca20e@epcas1p2.samsung.com> @ 2021-04-13 11:23 ` Seung-Woo Kim 0 siblings, 0 replies; 4+ messages in thread From: Seung-Woo Kim @ 2021-04-13 11:23 UTC (permalink / raw) To: linux-modules, lucas.de.marchi; +Cc: gladkov.alexey, sw0312.kim, sungguk.na Fix double free for *modinfo with non '\0' terminated wrong modules.builtin.modinfo, which is because EOF is minus value. Signed-off-by: Seung-Woo Kim <sw0312.kim@samsung.com> --- libkmod/libkmod-builtin.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libkmod/libkmod-builtin.c b/libkmod/libkmod-builtin.c index a75a542f6942..a002cb5ee2c6 100644 --- a/libkmod/libkmod-builtin.c +++ b/libkmod/libkmod-builtin.c @@ -313,7 +313,7 @@ ssize_t kmod_builtin_get_modinfo(struct kmod_ctx *ctx, const char *modname, while (offset < iter->next) { offset = get_string(iter, pos, &line, &linesz); if (offset <= 0) { - count = (offset) ? -errno : -EOF; + count = (offset) ? -errno : -EINVAL; free(*modinfo); goto fail; } -- 2.19.2 ^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH 0/2] harden libkmod-builtin with wrong modules.builtin.modinfo 2021-04-13 11:23 ` [PATCH 0/2] harden libkmod-builtin with wrong modules.builtin.modinfo Seung-Woo Kim [not found] ` <CGME20210413112018epcas1p4e7e6b23060a83694867b07a1f1afc200@epcas1p4.samsung.com> [not found] ` <CGME20210413112019epcas1p22c64b861d296333a64c348020c7ca20e@epcas1p2.samsung.com> @ 2021-04-17 20:58 ` Lucas De Marchi 2 siblings, 0 replies; 4+ messages in thread From: Lucas De Marchi @ 2021-04-17 20:58 UTC (permalink / raw) To: Seung-Woo Kim; +Cc: linux-modules, lucas.de.marchi, gladkov.alexey, sungguk.na On Tue, Apr 13, 2021 at 08:23:13PM +0900, Seung-Woo Kim wrote: >The wrong data in modules.builtin.modinfo can cause overflow or >double free from modinfo with libkmod-builtin. Fix the error >cases with strict checking. > >Seung-Woo Kim (2): > libkmod: fix an overflow with wrong modules.builtin.modinfo > libkmod: fix possible double free with wrong modules.builtin.modinfo both commits applied, thanks Lucas De Marchi > > libkmod/libkmod-builtin.c | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > >-- >2.19.2 > ^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2021-04-17 20:58 UTC | newest] Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- [not found] <CGME20210413112018epcas1p15c2cb9693086133c145845030df145ef@epcas1p1.samsung.com> 2021-04-13 11:23 ` [PATCH 0/2] harden libkmod-builtin with wrong modules.builtin.modinfo Seung-Woo Kim [not found] ` <CGME20210413112018epcas1p4e7e6b23060a83694867b07a1f1afc200@epcas1p4.samsung.com> 2021-04-13 11:23 ` [PATCH 1/2] libkmod: fix an overflow " Seung-Woo Kim [not found] ` <CGME20210413112019epcas1p22c64b861d296333a64c348020c7ca20e@epcas1p2.samsung.com> 2021-04-13 11:23 ` [PATCH 2/2] libkmod: fix possible double free " Seung-Woo Kim 2021-04-17 20:58 ` [PATCH 0/2] harden libkmod-builtin " Lucas De Marchi
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).