[Crash-utility] [PATCH v2] Fixed the segment fault when ikconfig passed nonstandard values
lijiang
lijiang at redhat.com
Fri Jan 15 02:22:39 UTC 2021
在 2021年01月05日 20:12, crash-utility-request at redhat.com 写道:
> Date: Tue, 5 Jan 2021 09:45:11 +0800
> From: liuyun01 at tj.kylinos.cn
> To: crash-utility at redhat.com
> Cc: d.hatayama at fujitsu.com
> Subject: [Crash-utility] [PATCH v2] Fixed the segment fault when
> ikconfig passed nonstandard values
> Message-ID: <20210105014511.1709-1-liuyun01 at tj.kylinos.cn>
> Content-Type: text/plain; charset=UTF-8
>
> From: Jackie Liu <liuyun01 at kylinos.cn>
>
> Some strange reasons may cause kcore to collect some strange
> entries of ikconfig, such as CONFIG_SECU+[some hex data] causes
> the 'val' to be NULL, and then crashes when strdup.
>
> CONFIG_SECU+[some hex data] to be **strings that don't
> contain the delimitor string '='** and then strtok_r() interprets
> it as consisting of a single token, hence val resulting in having NULL.
>
Thank you for the fix.
Acked-by: Lianbo Jiang <lijiang at redhat.com>
> [d.hatayama at fujitsu.com: rewrite comment]
> Suggested-by: HAGIO KAZUHITO(?? ??) <k-hagio-ab at nec.com>
> Signed-off-by: Jackie Liu <liuyun01 at kylinos.cn>
> ---
> kernel.c | 14 +++++++++++---
> 1 file changed, 11 insertions(+), 3 deletions(-)
>
> diff --git a/kernel.c b/kernel.c
> index 9871637..c8182a6 100644
> --- a/kernel.c
> +++ b/kernel.c
> @@ -10236,7 +10236,7 @@ static struct ikconfig_list {
> char *val;
> } *ikconfig_all;
>
> -static void add_ikconfig_entry(char *line, struct ikconfig_list *ent)
> +static int add_ikconfig_entry(char *line, struct ikconfig_list *ent)
> {
> char *tokptr, *name, *val;
>
> @@ -10244,8 +10244,16 @@ static void add_ikconfig_entry(char *line, struct ikconfig_list *ent)
> sscanf(name, "CONFIG_%s", name);
> val = strtok_r(NULL, "", &tokptr);
>
> + if (!val) {
> + if (CRASHDEBUG(2))
> + error(WARNING, "invalid ikconfig entry: %s\n", line);
> + return FALSE;
> + }
> +
> ent->name = strdup(name);
> ent->val = strdup(val);
> +
> + return TRUE;
> }
>
> static int setup_ikconfig(char *config)
> @@ -10265,8 +10273,8 @@ static int setup_ikconfig(char *config)
> ent++;
>
> if (STRNEQ(ent, "CONFIG_")) {
> - add_ikconfig_entry(ent,
> - &ikconfig_all[kt->ikconfig_ents++]);
> + if (add_ikconfig_entry(ent, &ikconfig_all[kt->ikconfig_ents]))
> + kt->ikconfig_ents++;
> if (kt->ikconfig_ents == IKCONFIG_MAX) {
> error(WARNING, "ikconfig overflow.\n");
> return 1;
> -- 2.17.1
More information about the Crash-utility
mailing list