Received: by 2002:a05:6a10:9848:0:0:0:0 with SMTP id x8csp2813733pxf; Sun, 28 Mar 2021 03:00:49 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwHfmIr95MB0EDlQbrrWcqGGx5105M07OkLWLRGiq4+U+x3DySOKqGvd/DUeLlST8YIW8o2 X-Received: by 2002:a17:907:c08:: with SMTP id ga8mr11559619ejc.376.1616925649396; Sun, 28 Mar 2021 03:00:49 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1616925649; cv=none; d=google.com; s=arc-20160816; b=V6ya5n/Z6/mO2ftZ8Zyy/f3LcPOYuLOaJqbhChem8FCszsByU9CTgoBiJ409nCkj6o +UDDR8ddPn5YOLRHcq9ZQCc5bpYrsjV9JDqhi1H5C1A1L7XOmo3k2rYENbviyrh0tiw+ 4O2zZ0SKk18eMwNz7bzXjetdmdAPstwIhB0JAuxqEh6thGdMletjwM4pkojVwIFIcFul X7DcTvJgug6HQwJEaobo+rhxtdqqErOWJ2hq8Y/2TUfIdGr7UoEDfqW/k5TJ5RCPxEPS Fh+zSpP7KReqgjmoW3Sj0PDPf9qD4528NMhyytIicPEj8bsoLSi8z6v1VBPuSY8y94VU UwpQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=f+wfmqqsdnHuxJrYhV6ZNDZk7EiqqhN+8s84vDZYYag=; b=YGjNl0KvZFeQXzmu7re4JXjrOwa8WjAroEDiAw7R9vNQAunHt79a+S18Gf1o7LfKK2 ZF4D6LLT/Ikc3eDfhRqoYFVoujJXcOd+CCiVSFajvHBuoPwDi3tHdVnDJY6poYGAIO5W DB1Qd2HtMDdJdGxFXa07I8CFK1ectas8tL/4ySYVbI5n/zagcZS4g4rMBZgiqT48ZEif O3MLj8ZfgtYUhzHPUfkIs4qwPGgk+OpRqFXLJSvmaDQN61SuiU8QvZ2FfL50J3bIpRRH djZomfrdC2AcUhsImy48M7Pq0ZS/9LnpILGw+UlNqkPNopnFiixPhNDpIKPrh1rwrNLW LPTA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@ionic.de header.s=default header.b=gYbjZFTl; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id x26si10824758edv.23.2021.03.28.03.00.13; Sun, 28 Mar 2021 03:00:49 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@ionic.de header.s=default header.b=gYbjZFTl; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229560AbhC1JxR (ORCPT + 99 others); Sun, 28 Mar 2021 05:53:17 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42576 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229647AbhC1Jwe (ORCPT ); Sun, 28 Mar 2021 05:52:34 -0400 Received: from mail.ionic.de (ionic.de [IPv6:2001:41d0:a:588b:1::2]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id 9D5ADC061762 for ; Sun, 28 Mar 2021 02:52:34 -0700 (PDT) Authentication-Results: root24.eu; spf=softfail (domain owner discourages use of this host) smtp.mailfrom=ionic.de (client-ip=217.92.117.31; helo=home.ionic.de; envelope-from=ionic@ionic.de; receiver=) Received: from apgunner.local.home.ionic.de (home.ionic.de [217.92.117.31]) by mail.ionic.de (Postfix) with ESMTPSA id B9E204F00335; Sun, 28 Mar 2021 09:52:33 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ionic.de; s=default; t=1616925153; bh=o78CITAhPAPy1m+y76QU4WlSLLDcW8lStGSeu/frYO0=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=gYbjZFTlpocZmi2Nn4RndIDlzq882TCPZQNIPMBZQtzf20S5xaN8I7rmkwhHmi/JE Wh+WrnPvVk0J5Nn3f3SUYOaFiMMXEEXvEdNvMxUd3Zvt+OATFhBCXbgkX1aOFH5e4R +4dy76bC3QCrmvnDdlkhHdtp/MIYJDfZIT7Dn+PM= From: Mihai Moldovan To: Masahiro Yamada Cc: linux-kernel@vger.kernel.org Subject: [PATCH v2] kconfig: nconf: stop endless search-up loops Date: Sun, 28 Mar 2021 11:52:27 +0200 Message-Id: <20210328095227.24323-1-ionic@ionic.de> X-Mailer: git-send-email 2.30.1 In-Reply-To: <20210327120155.500-1-ionic@ionic.de> References: <20210327120155.500-1-ionic@ionic.de> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org If the user selects the very first entry in a page and performs a search-up operation (e.g., via [/][a][Up Arrow]), nconf will never terminate searching the page. The reason is that in this case, the starting point will be set to -1, which is then translated into (n - 1) (i.e., the last entry of the page) and finally the search begins. This continues to work fine until the index reaches 0, at which point it will be decremented to -1, but not checked against the starting point right away. Instead, it's wrapped around to the bottom again, after which the starting point check occurs... and naturally fails. We can easily avoid it by checking against the starting point directly if the current index is -1 (which should be safe, since it's the only magic value that can occur) and terminate the matching function. Amazingly, nobody seems to have been hit by this for 11 years - or at the very least nobody bothered to debug and fix this. Signed-off-by: Mihai Moldovan --- v2: swap constant in comparison to right side, as requested by Randy Dunlap scripts/kconfig/nconf.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/scripts/kconfig/nconf.c b/scripts/kconfig/nconf.c index e0f965529166..db0dc46bc5ee 100644 --- a/scripts/kconfig/nconf.c +++ b/scripts/kconfig/nconf.c @@ -515,6 +515,15 @@ static int get_mext_match(const char *match_str, match_f flag) --index; else ++index; + /* + * It's fine for index to become negative - think of an + * initial value for match_start of 0 with a match direction + * of up, eventually making it -1. + * + * Handle this as a special case. + */ + if ((index == -1) && (index == match_start)) + return -1; index = (index + items_num) % items_num; if (index == match_start) return -1; -- 2.30.1