[PATCH] kbuild: fix buffer overflow in modpost
Jiri Benc <jbenc@suse.cz> reported that modpost would stop with SIGABRT if used with long filepaths. The error looked like: > Building modules, stage 2. > MODPOST > *** glibc detected *** scripts/mod/modpost: realloc(): invalid next size: +0x0809f588 *** > [...] Fix this by allocating at least the required memory + SZ bytes each time. Before we sometimes ended up allocating too little memory resuting in the glibc detected bug above. Based on patch originally submitted by: Jiri Benc <jbenc@suse.cz> Signed-off-by: Sam Ravnborg <sam@ravnborg.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
This commit is contained in:
Родитель
85c6932ef0
Коммит
7670f023aa
|
@ -508,12 +508,7 @@ buf_printf(struct buffer *buf, const char *fmt, ...)
|
|||
|
||||
va_start(ap, fmt);
|
||||
len = vsnprintf(tmp, SZ, fmt, ap);
|
||||
if (buf->size - buf->pos < len + 1) {
|
||||
buf->size += 128;
|
||||
buf->p = realloc(buf->p, buf->size);
|
||||
}
|
||||
strncpy(buf->p + buf->pos, tmp, len + 1);
|
||||
buf->pos += len;
|
||||
buf_write(buf, tmp, len);
|
||||
va_end(ap);
|
||||
}
|
||||
|
||||
|
@ -521,7 +516,7 @@ void
|
|||
buf_write(struct buffer *buf, const char *s, int len)
|
||||
{
|
||||
if (buf->size - buf->pos < len) {
|
||||
buf->size += len;
|
||||
buf->size += len + SZ;
|
||||
buf->p = realloc(buf->p, buf->size);
|
||||
}
|
||||
strncpy(buf->p + buf->pos, s, len);
|
||||
|
|
Загрузка…
Ссылка в новой задаче