hollalinux
/
linux-sg2042
mirror of https://github.com/sophgo/linux-riscv.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

kbuild: replace unbounded sprintf call in modpost 

The modpost tool could overflow its stack buffer if someone was running
with an insane shell environment. Regardless, it's technically a bug,
so this fixes it to truncate the string instead of seg-faulting.

Found by Coverity.

Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Michal Marek <mmarek@suse.cz>
This commit is contained in:
Kees Cook 2013-10-25 06:14:43 -07:00 committed by Michal Marek
parent 21cf6e584c
commit 849464d1ba
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
scripts/mod/sumversion.c
View File

@ -416,7 +416,7 @@ void get_src_version(const char *modname, char sum[], unsigned sumlen)
basename = strrchr(modname, '/') + 1; basename = strrchr(modname, '/') + 1;
else else
basename = modname; basename = modname;
sprintf(filelist, "%s/%.*s.mod", modverdir, snprintf(filelist, sizeof(filelist), "%s/%.*s.mod", modverdir,
(int) strlen(basename) - 2, basename); (int) strlen(basename) - 2, basename);
file = grab_file(filelist, &len); file = grab_file(filelist, &len);