From: Masahiro Yamada <masahiroy@kernel.org>
To: linux-kbuild@vger.kernel.org
Cc: Jessica Yu <jeyu@kernel.org>,
	Masahiro Yamada <masahiroy@kernel.org>,
	Michal Marek <michal.lkml@markovi.net>,
	linux-kernel@vger.kernel.org
Subject: [PATCH 04/29] modpost: fix potential mmap'ed file overrun in get_src_version()
Date: Sun, 17 May 2020 18:48:34 +0900
Message-ID: <20200517094859.2376211-5-masahiroy@kernel.org>
In-Reply-To: <20200517094859.2376211-1-masahiroy@kernel.org>

I do not know how reliably this function works, but it seems dangerous
to me, at least.

The function call

    strchr(sources, '\n');

... continues searching until it finds '\n' or it reaches the '\0'
terminator. In other words, 'sources' should be a null-terminated
string.

However, grab_file() just mmaps a file, so 'sources' is not terminated
with a null byte. If the file does not contain '\n' at all, strchr() will
go beyond the mmap'ed memory.

Instead, use read_text_file(), which loads the file content into a
malloc'ed buffer, appending a null byte.

Here we are interested only in the first line of *.mod files. Use
get_line() helper to get the first line.

Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
---

 scripts/mod/sumversion.c | 27 ++++++++++++---------------
 1 file changed, 12 insertions(+), 15 deletions(-)

diff --git a/scripts/mod/sumversion.c b/scripts/mod/sumversion.c
index f27f22420cbc..f9aa532d93cf 100644
--- a/scripts/mod/sumversion.c
+++ b/scripts/mod/sumversion.c
@@ -392,40 +392,37 @@ static int parse_source_files(const char *objfile, struct md4_ctx *md)
 /* Calc and record src checksum. */
 void get_src_version(const char *modname, char sum[], unsigned sumlen)
 {
-	void *file;
-	unsigned long len;
+	char *buf, *pos, *firstline;
 	struct md4_ctx md;
-	char *sources, *end, *fname;
+	char *fname;
 	char filelist[PATH_MAX + 1];
 
 	/* objects for a module are listed in the first line of *.mod file. */
 	snprintf(filelist, sizeof(filelist), "%.*smod",
 		 (int)strlen(modname) - 1, modname);
 
-	file = grab_file(filelist, &len);
-	if (!file)
+	buf = read_text_file(filelist);
+	if (!buf)
 		/* not a module or .mod file missing - ignore */
 		return;
 
-	sources = file;
-
-	end = strchr(sources, '\n');
-	if (!end) {
+	pos = buf;
+	firstline = get_line(&pos);
+	if (!firstline) {
 		warn("bad ending versions file for %s\n", modname);
-		goto release;
+		goto free;
 	}
-	*end = '\0';
 
 	md4_init(&md);
-	while ((fname = strsep(&sources, " ")) != NULL) {
+	while ((fname = strsep(&firstline, " "))) {
 		if (!*fname)
 			continue;
 		if (!(is_static_library(fname)) &&
 				!parse_source_files(fname, &md))
-			goto release;
+			goto free;
 	}
 
 	md4_final_ascii(&md, sum, sumlen);
-release:
-	release_file(file, len);
+free:
+	free(buf);
 }
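
Review bot: The `if (!firstline)` check keeps the old "bad ending versions file" warning, but the condition behind it has changed. Before, it meant strchr() found no '\n'; now it means whatever get_line() returns NULL for, and get_line() comes from patch 03 and is not visible in this hunk. Please state in the commit message what get_line() returns for an empty *.mod file and for a first line that has no terminating '\n'. If an unterminated first line is now accepted, that is a behaviour change from the old code, and the warning text should be reworded to describe the case that actually reaches it. The fix also depends on read_text_file() always appending the null byte, so a short comment at the call site noting that `buf` is null-terminated would keep a later change from reintroducing an unbounded search. Minor style point: the label `free:` directly above `free(buf);` is legal but reads oddly, and a name such as `out_free` would be clearer. Both `goto free` paths still leave `sum[]` unwritten, as the old `goto release` paths did, so it would be worth confirming that callers initialise it.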
-- 
2.25.1

