Received: by 2002:a25:1506:0:0:0:0:0 with SMTP id 6csp5855601ybv; Wed, 12 Feb 2020 01:22:18 -0800 (PST) X-Google-Smtp-Source: APXvYqw1yaP2XA7N5RO9E3hYQ3y7UdAo+5Y3BMFKtgy0qJ1+5hybNUWTYfb2Fr8qotqB/XdIztdP X-Received: by 2002:a9d:2264:: with SMTP id o91mr8516475ota.328.1581499337989; Wed, 12 Feb 2020 01:22:17 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1581499337; cv=none; d=google.com; s=arc-20160816; b=LNJr+NFu4GhHMqhSckIofX38h6Evu4VKH+GMzAvh2B7v/ObPE88LrhEan4PdnmEiqP DIWWJ3Xg86T42MWDLTO+aOqv6A+yUVeVav1IBhGP3QGbWb5T8SJAuVkIMciIX+mcPAGE UmjGAZr6qYnGUDtXY0VdagRmebSrc2LPuu8PIYpMiDVViuC78ExV0uGyJnw9L6fQ9OCJ XbW2Z4QZP0D9m7ryrzMVeJWAoXQQ6854ciEVlC3VjNesTuS4Is2yEuWsluC0voKce106 x/zwmBq6DGjB8IV/lejbcWHXxv8Z96pQjD9KnWgc9JPdS9INyEQ6PkgwV/QXrUgF4yun aCUg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature:dkim-filter; bh=iYzD7pdsLyiDZ36c5d6tg+M16G3Z0A4Qkle2y21WmO4=; b=qKIakkVCJJ+7Q90j/A+hgXxThgWQdUD3N9g1a4I7x5hEkBwR7sdeo6LL+fl4vUzz6C D856Z5QpMl74cAAro3Vc8lCuoUjRCx6ZOQvLHXVT/a1dLL9jXIgW3YMHbpOIiHaKXIlR Gl0ahn+J3G5IRlNWEe3aPDBsDM1R7U4cRM3ylOEmyQ8x/HfPq0ciWYUg9lQeZ1ms0MjP 7NLR1+cYMZ8FsxAPJBSCqf0HevhpIt2FzRkIbY8RxoYIIpUvFbk3OOEffHyxg58K2hv1 VaS7Ww6jy1KdZgmYWtVATvjsOqsRGQbxVAELEpEHxvUtQ5j3kBelHmPmm11rCha8j+q8 hg5w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@nifty.com header.s=dec2015msa header.b=MEkMO8qW; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id l21si3438504otk.142.2020.02.12.01.22.04; Wed, 12 Feb 2020 01:22:17 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@nifty.com header.s=dec2015msa header.b=MEkMO8qW; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728791AbgBLJVc (ORCPT + 99 others); Wed, 12 Feb 2020 04:21:32 -0500 Received: from conssluserg-01.nifty.com ([210.131.2.80]:59506 "EHLO conssluserg-01.nifty.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728530AbgBLJVb (ORCPT ); Wed, 12 Feb 2020 04:21:31 -0500 Received: from mail-ua1-f53.google.com (mail-ua1-f53.google.com [209.85.222.53]) (authenticated) by conssluserg-01.nifty.com with ESMTP id 01C9LI33008124; Wed, 12 Feb 2020 18:21:19 +0900 DKIM-Filter: OpenDKIM Filter v2.10.3 conssluserg-01.nifty.com 01C9LI33008124 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nifty.com; s=dec2015msa; t=1581499279; bh=iYzD7pdsLyiDZ36c5d6tg+M16G3Z0A4Qkle2y21WmO4=; h=References:In-Reply-To:From:Date:Subject:To:Cc:From; b=MEkMO8qWqvGOB6YbA98tAicKNmVYCmEEF0+jvnZcP9vwWz5Z/XT1+Xds25vCvvshA 5zE/p5kLAorYZHqVYD3jmzJ4w1LdUJ19ZmdnBjhI+wpKbN7Bxewt9kHhIeqvk2oXrO csk23G4fdJ9OyKsaInvXj3jS8QpaPywXcU7+J7r6IuUY/0vjSNO86L3UEQPL5+fyO0 McohvztsbamEnjn7UDDplfhbzJYR+CcDXCwrjntBrOdcqrs7GGjA50LIRmMtMwfqzN uaV/zXL/Owwfi5xlN8GBD3pk4VFGr3t+TJJ02HiOQsYBWTqIf1HbBpz+bD+r8Fmr66 p3qp8l6RgZaIg== X-Nifty-SrcIP: [209.85.222.53] Received: by mail-ua1-f53.google.com with SMTP id w15so607239uap.0; Wed, 12 Feb 2020 01:21:19 -0800 (PST) X-Gm-Message-State: APjAAAXrZYjw0vBK9T4UBABLZ00khLEbbLJ7rX/aVG4l0NH8cb3RVZjv w8bauO4iyAnt9uq08LyBp1GdEUTGMrZMBPF6PiI= X-Received: by 2002:ab0:2881:: with SMTP id s1mr3947693uap.95.1581499278141; Wed, 12 Feb 2020 01:21:18 -0800 (PST) MIME-Version: 1.0 References: <20200210161852.842-1-masahiroy@kernel.org> In-Reply-To: <20200210161852.842-1-masahiroy@kernel.org> From: Masahiro Yamada Date: Wed, 12 Feb 2020 18:20:42 +0900 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH] scripts/kallsyms: fix memory corruption caused by write over-run To: Linux Kbuild mailing list Cc: youling257 , Pavel Machek , Linux Kernel Mailing List Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Feb 11, 2020 at 1:19 AM Masahiro Yamada wrote: > > scripts/kallsyms crashes because memcpy() writes one more byte than > allocated. > > Fixes: 8d60526999aa ("scripts/kallsyms: change table to store (strcut sym_entry *)") > Reported-by: youling257 > Reported-by: Pavel Machek > Signed-off-by: Masahiro Yamada > --- Applied. I will send a pull request shortly because many people are tripping over this bug. > scripts/kallsyms.c | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/scripts/kallsyms.c b/scripts/kallsyms.c > index a566d8201b56..0133dfaaf352 100644 > --- a/scripts/kallsyms.c > +++ b/scripts/kallsyms.c > @@ -210,7 +210,7 @@ static struct sym_entry *read_symbol(FILE *in) > > len = strlen(name) + 1; > > - sym = malloc(sizeof(*sym) + len); > + sym = malloc(sizeof(*sym) + len + 1); > if (!sym) { > fprintf(stderr, "kallsyms failure: " > "unable to allocate required amount of memory\n"); > @@ -219,7 +219,7 @@ static struct sym_entry *read_symbol(FILE *in) > sym->addr = addr; > sym->len = len; > sym->sym[0] = type; > - memcpy(sym_name(sym), name, len); > + strcpy(sym_name(sym), name); > sym->percpu_absolute = 0; > > return sym; > -- > 2.17.1 > -- Best Regards Masahiro Yamada