linux-modules.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH 0/2] harden libkmod-builtin with wrong modules.builtin.modinfo
       [not found] <CGME20210413112018epcas1p15c2cb9693086133c145845030df145ef@epcas1p1.samsung.com>
@ 2021-04-13 11:23 ` Seung-Woo Kim
       [not found]   ` <CGME20210413112018epcas1p4e7e6b23060a83694867b07a1f1afc200@epcas1p4.samsung.com>
                     ` (2 more replies)
  0 siblings, 3 replies; 4+ messages in thread
From: Seung-Woo Kim @ 2021-04-13 11:23 UTC (permalink / raw)
  To: linux-modules, lucas.de.marchi; +Cc: gladkov.alexey, sw0312.kim, sungguk.na

The wrong data in modules.builtin.modinfo can cause overflow or
double free from modinfo with libkmod-builtin. Fix the error
cases with strict checking.

Seung-Woo Kim (2):
  libkmod: fix an overflow with wrong modules.builtin.modinfo
  libkmod: fix possible double free with wrong modules.builtin.modinfo

 libkmod/libkmod-builtin.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

-- 
2.19.2


^ permalink raw reply	[flat|nested] 4+ messages in thread

* [PATCH 1/2] libkmod: fix an overflow with wrong modules.builtin.modinfo
       [not found]   ` <CGME20210413112018epcas1p4e7e6b23060a83694867b07a1f1afc200@epcas1p4.samsung.com>
@ 2021-04-13 11:23     ` Seung-Woo Kim
  0 siblings, 0 replies; 4+ messages in thread
From: Seung-Woo Kim @ 2021-04-13 11:23 UTC (permalink / raw)
  To: linux-modules, lucas.de.marchi; +Cc: gladkov.alexey, sw0312.kim, sungguk.na

Fix a possbile overflow with exact PATH_MAX length modname
in wrong modules.builtin.modinfo.

Signed-off-by: Seung-Woo Kim <sw0312.kim@samsung.com>
---
 libkmod/libkmod-builtin.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libkmod/libkmod-builtin.c b/libkmod/libkmod-builtin.c
index fc9a37644261..a75a542f6942 100644
--- a/libkmod/libkmod-builtin.c
+++ b/libkmod/libkmod-builtin.c
@@ -246,7 +246,7 @@ bool kmod_builtin_iter_get_modname(struct kmod_builtin_iter *iter,
 
 	len = dot - line;
 
-	if (len > PATH_MAX) {
+	if (len >= PATH_MAX) {
 		sv_errno = ENAMETOOLONG;
 		goto fail;
 	}
-- 
2.19.2


^ permalink raw reply	[flat|nested] 4+ messages in thread

* [PATCH 2/2] libkmod: fix possible double free with wrong modules.builtin.modinfo
       [not found]   ` <CGME20210413112019epcas1p22c64b861d296333a64c348020c7ca20e@epcas1p2.samsung.com>
@ 2021-04-13 11:23     ` Seung-Woo Kim
  0 siblings, 0 replies; 4+ messages in thread
From: Seung-Woo Kim @ 2021-04-13 11:23 UTC (permalink / raw)
  To: linux-modules, lucas.de.marchi; +Cc: gladkov.alexey, sw0312.kim, sungguk.na

Fix double free for *modinfo with non '\0' terminated wrong
modules.builtin.modinfo, which is because EOF is minus value.

Signed-off-by: Seung-Woo Kim <sw0312.kim@samsung.com>
---
 libkmod/libkmod-builtin.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libkmod/libkmod-builtin.c b/libkmod/libkmod-builtin.c
index a75a542f6942..a002cb5ee2c6 100644
--- a/libkmod/libkmod-builtin.c
+++ b/libkmod/libkmod-builtin.c
@@ -313,7 +313,7 @@ ssize_t kmod_builtin_get_modinfo(struct kmod_ctx *ctx, const char *modname,
 	while (offset < iter->next) {
 		offset = get_string(iter, pos, &line, &linesz);
 		if (offset <= 0) {
-			count = (offset) ? -errno : -EOF;
+			count = (offset) ? -errno : -EINVAL;
 			free(*modinfo);
 			goto fail;
 		}
-- 
2.19.2


^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH 0/2] harden libkmod-builtin with wrong modules.builtin.modinfo
  2021-04-13 11:23 ` [PATCH 0/2] harden libkmod-builtin with wrong modules.builtin.modinfo Seung-Woo Kim
       [not found]   ` <CGME20210413112018epcas1p4e7e6b23060a83694867b07a1f1afc200@epcas1p4.samsung.com>
       [not found]   ` <CGME20210413112019epcas1p22c64b861d296333a64c348020c7ca20e@epcas1p2.samsung.com>
@ 2021-04-17 20:58   ` Lucas De Marchi
  2 siblings, 0 replies; 4+ messages in thread
From: Lucas De Marchi @ 2021-04-17 20:58 UTC (permalink / raw)
  To: Seung-Woo Kim; +Cc: linux-modules, lucas.de.marchi, gladkov.alexey, sungguk.na

On Tue, Apr 13, 2021 at 08:23:13PM +0900, Seung-Woo Kim wrote:
>The wrong data in modules.builtin.modinfo can cause overflow or
>double free from modinfo with libkmod-builtin. Fix the error
>cases with strict checking.
>
>Seung-Woo Kim (2):
>  libkmod: fix an overflow with wrong modules.builtin.modinfo
>  libkmod: fix possible double free with wrong modules.builtin.modinfo


both commits applied,

thanks
Lucas De Marchi

>
> libkmod/libkmod-builtin.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
>-- 
>2.19.2
>

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2021-04-17 20:58 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
     [not found] <CGME20210413112018epcas1p15c2cb9693086133c145845030df145ef@epcas1p1.samsung.com>
2021-04-13 11:23 ` [PATCH 0/2] harden libkmod-builtin with wrong modules.builtin.modinfo Seung-Woo Kim
     [not found]   ` <CGME20210413112018epcas1p4e7e6b23060a83694867b07a1f1afc200@epcas1p4.samsung.com>
2021-04-13 11:23     ` [PATCH 1/2] libkmod: fix an overflow " Seung-Woo Kim
     [not found]   ` <CGME20210413112019epcas1p22c64b861d296333a64c348020c7ca20e@epcas1p2.samsung.com>
2021-04-13 11:23     ` [PATCH 2/2] libkmod: fix possible double free " Seung-Woo Kim
2021-04-17 20:58   ` [PATCH 0/2] harden libkmod-builtin " Lucas De Marchi

This is a public inbox, see mirroring instructions
on how to clone and mirror all data and code used for this inbox