Re: [Crash-utility] [PATCH v2] Fixed the segment fault when ikconfig passed nonstandard values

Thu, 14 Jan 2021 18:23:05 -0800 

在 2021年01月05日 20:12, [email protected] 写道:
> Date: Tue,  5 Jan 2021 09:45:11 +0800
> From: [email protected]
> To: [email protected]
> Cc: [email protected]
> Subject: [Crash-utility] [PATCH v2] Fixed the segment fault when
>       ikconfig        passed nonstandard values
> Message-ID: <[email protected]>
> Content-Type: text/plain; charset=UTF-8
> 
> From: Jackie Liu <[email protected]>
> 
> Some strange reasons may cause kcore to collect some strange
> entries of ikconfig, such as CONFIG_SECU+[some hex data] causes
> the 'val' to be NULL, and then crashes when strdup.
> 
> CONFIG_SECU+[some hex data] to be **strings that don't
> contain the delimitor string '='** and then strtok_r() interprets
> it as consisting of a single token, hence val resulting in having NULL.
> 

Thank you for the fix.

Acked-by: Lianbo Jiang <[email protected]>

> [[email protected]: rewrite comment]
> Suggested-by: HAGIO KAZUHITO(?? ??) <[email protected]>
> Signed-off-by: Jackie Liu <[email protected]>
> ---
>  kernel.c | 14 +++++++++++---
>  1 file changed, 11 insertions(+), 3 deletions(-)
> 
> diff --git a/kernel.c b/kernel.c
> index 9871637..c8182a6 100644
> --- a/kernel.c
> +++ b/kernel.c
> @@ -10236,7 +10236,7 @@ static struct ikconfig_list {
>       char *val;
>  } *ikconfig_all;
>  
> -static void add_ikconfig_entry(char *line, struct ikconfig_list *ent)
> +static int add_ikconfig_entry(char *line, struct ikconfig_list *ent)
>  {
>       char *tokptr, *name, *val;
>  
> @@ -10244,8 +10244,16 @@ static void add_ikconfig_entry(char *line, struct 
> ikconfig_list *ent)
>       sscanf(name, "CONFIG_%s", name);
>       val = strtok_r(NULL, "", &tokptr);
>  
> +     if (!val) {
> +             if (CRASHDEBUG(2))
> +                     error(WARNING, "invalid ikconfig entry: %s\n", line);
> +             return FALSE;
> +     }
> +
>       ent->name = strdup(name);
>       ent->val = strdup(val);
> +
> +     return TRUE;
>  }
>  
>  static int setup_ikconfig(char *config)
> @@ -10265,8 +10273,8 @@ static int setup_ikconfig(char *config)
>                       ent++;
>  
>               if (STRNEQ(ent, "CONFIG_")) {
> -                     add_ikconfig_entry(ent,
> -                                      &ikconfig_all[kt->ikconfig_ents++]);
> +                     if (add_ikconfig_entry(ent, 
> &ikconfig_all[kt->ikconfig_ents]))
> +                             kt->ikconfig_ents++;
>                       if (kt->ikconfig_ents == IKCONFIG_MAX) {
>                               error(WARNING, "ikconfig overflow.\n");
>                               return 1;
> -- 2.17.1

--
Crash-utility mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/crash-utility

Reply via email to