From patchwork Wed Aug 10 18:37:13 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Lucas De Marchi X-Patchwork-Id: 9273507 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 3F83060231 for ; Wed, 10 Aug 2016 18:37:44 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 3233B2841A for ; Wed, 10 Aug 2016 18:37:44 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 274E028422; Wed, 10 Aug 2016 18:37:44 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.8 required=2.0 tests=BAYES_00, DKIM_ADSP_CUSTOM_MED, DKIM_SIGNED, FREEMAIL_FROM, RCVD_IN_DNSWL_HI, T_DKIM_INVALID autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 3957A2841A for ; Wed, 10 Aug 2016 18:37:43 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S934336AbcHJShl (ORCPT ); Wed, 10 Aug 2016 14:37:41 -0400 Received: from mail-pf0-f194.google.com ([209.85.192.194]:34706 "EHLO mail-pf0-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S933215AbcHJShk (ORCPT ); Wed, 10 Aug 2016 14:37:40 -0400 Received: by mail-pf0-f194.google.com with SMTP id g202so3264441pfb.1 for ; Wed, 10 Aug 2016 11:37:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=+YqUVUDe0jxEBmUCLNjibEUbjDsZPxKIoD8VY2c6rmY=; b=ie7HVCy5dXikqQWS46r2ejKKnffxKQ3GBU7TveFNQgGie15F5RgQ62jrVK5Mlzwbwa 3Oxh/V7eVyUkWGCRLVQaLk/vT/YXu4ccMdYrVIq6w23yJHSnkCgPnK97XKJX/AXmKPTz 6xHQG6s8YRC2AXeGHkHEldErhyIq5m7KuhKhWEKAbk7n0ASrgdF15WXgN/Cg53P6UA84 jtAplvnxKWMzZLoiknssB3OaDCY575UHLZ5sU5qh0DMuYAiaurPHbt/Ei6VRsH/qbjm0 +wMyiSxspZbychNV6UUkewzm/Z2zdqskESUm9baQrEKsqwXbZquXt3189Zv+87otfJ15 D1RQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=+YqUVUDe0jxEBmUCLNjibEUbjDsZPxKIoD8VY2c6rmY=; b=Fx24nETIENmhHtQ8y+Moa376+ZBhA00R/RB1XqGZO5SM3jERhuI8qnU2qh7YKU/wRs 6rpRP6ggfsc5ymoHiQViFOZhB+gvK0t4uiPkRmtoI+ax6VExrbvryDSw010Pnz7ITIyp rhSePD5ZMAl0l4GXkJOkAGbel8ZzNQ3qx27dDkKxZqD11OMIH2XNCREnS1BSvCpisrQc +QVRDBWGYul6ZMBAmf0mD1NzS8x1uFTj7kVaBKzHI+uz9iiqfu67IWcdqOVl389dTReZ c+/yvla4GyLJVc7HxaGoIpBLeAgKGkX8zMPzY0XR1500CNRsjTBT9EtDySFyR2yTKPzO 9KuQ== X-Gm-Message-State: AEkoouvdDd3lzYglYd4eKhnSHvbabB3r2I34r6TF7bAfEPAbyG5b4KIC+i2+8CGcwbuCMg== X-Received: by 10.98.135.13 with SMTP id i13mr9693308pfe.44.1470854259478; Wed, 10 Aug 2016 11:37:39 -0700 (PDT) Received: from ldmartin-desk.amr.corp.intel.com (jfdmzpr02-ext.jf.intel.com. [134.134.137.71]) by smtp.gmail.com with ESMTPSA id s1sm65863315paz.47.2016.08.10.11.37.37 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 10 Aug 2016 11:37:38 -0700 (PDT) From: Lucas De Marchi To: linux-modules@vger.kernel.org Cc: Lucas De Marchi Subject: [PATCH 3/3] depmod: fix string overflow Date: Wed, 10 Aug 2016 15:37:13 -0300 Message-Id: <1470854233-19810-3-git-send-email-lucas.de.marchi@gmail.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1470854233-19810-1-git-send-email-lucas.de.marchi@gmail.com> References: <1470854233-19810-1-git-send-email-lucas.de.marchi@gmail.com> Sender: owner-linux-modules@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP From: Lucas De Marchi Use scratchbuf to fix issue with strcpy that may overflow the buffer we declared in the stack. --- tools/depmod.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/tools/depmod.c b/tools/depmod.c index a2e07c1..be9e001 100644 --- a/tools/depmod.c +++ b/tools/depmod.c @@ -35,6 +35,7 @@ #include #include #include +#include #include @@ -1920,6 +1921,7 @@ static int output_symbols_bin(struct depmod *depmod, FILE *out) { struct index_node *idx; char alias[1024]; + struct scratchbuf salias; size_t baselen = sizeof("symbol:") - 1; struct hash_iter iter; const void *v; @@ -1932,16 +1934,21 @@ static int output_symbols_bin(struct depmod *depmod, FILE *out) return -ENOMEM; memcpy(alias, "symbol:", baselen); + scratchbuf_init(&salias, alias, sizeof(alias)); + hash_iter_init(depmod->symbols, &iter); while (hash_iter_next(&iter, NULL, &v)) { int duplicate; const struct symbol *sym = v; + size_t len; if (sym->owner == NULL) continue; - strcpy(alias + baselen, sym->name); + len = strlen(sym->name); + scratchbuf_alloc(&salias, baselen + len + 1); + memcpy(scratchbuf_str(&salias) + baselen, sym->name, len + 1); duplicate = index_insert(idx, alias, sym->owner->modname, sym->owner->idx); @@ -1951,6 +1958,7 @@ static int output_symbols_bin(struct depmod *depmod, FILE *out) } index_write(idx, out); + scratchbuf_release(&salias); index_destroy(idx); return 0;