From: Masahiro Yamada
Date: Tue, 11 Feb 2020 23:46:38 +0900
Subject: Re: [PATCH] scripts/kallsyms: fix memory corruption caused by write over-run
To: Justin Capella
Cc: Linux Kbuild mailing list, youling257, Pavel Machek, LKML
References: <20200210161852.842-1-masahiroy@kernel.org>

Hi.

On Tue, Feb 11, 2020 at 11:36 AM Justin Capella wrote:
>
> Looks like len is already +1, maybe it shouldn't be?

This increment is for storing one more character, 'type'.

    sym->sym[0] = type;

> > len = strlen(name) + 1;
> >
> > - sym = malloc(sizeof(*sym) + len);
> > + sym = malloc(sizeof(*sym) + len + 1);

This increment is for the '\0' termination.

So, malloc() needs to allocate:
sizeof(*sym) + strlen(name) + 2.

> >
> Maybe strlcpy or if len wasn't incremented?
>
> >
> > - memcpy(sym_name(sym), name, len);
> > + strcpy(sym_name(sym), name);
> >

-- 
Best Regards
Masahiro Yamada
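
Review bot: The added "+ 1" on the malloc() line carries no comment, and it means something different from the "+ 1" already in len = strlen(name) + 1 (that one reserves the 'type' byte stored in sym->sym[0], the new one reserves the '\0'). The question raised in this thread shows how easily the two are confused. Suggest a comment at the allocation naming both extra bytes, or writing the size as sizeof(*sym) + strlen(name) + 2 with that comment, so a later cleanup does not drop one of them.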
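
Review bot: In the copy hunk, memcpy(sym_name(sym), name, len) with len = strlen(name) + 1 and strcpy(sym_name(sym), name) both write the name followed by its terminator, so the number of bytes written does not change there and the over-run is addressed by the larger malloc() alone. The commit message should state that the switch to strcpy() is a readability change rather than part of the fix, or the copy change should be split into its own patch so the memory-corruption fix stays minimal.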