On Mon, Nov 13, 2000 at 04:56:40PM +0000, Chris Evans wrote:
>
> On Mon, 13 Nov 2000, Torsten Duwe wrote:
>
> Code in a security sensitive area needs to be crystal clear.
>
> What's wrong with isalnum() ?
>
What about this then ?
--- kmod.c.orig Sat Nov 4 20:02:11 2000
+++ kmod.c Mon Nov 13 18:18:06 2000
@@ -169,6 +169,20 @@
#define MAX_KMOD_CONCURRENT 50 /* Completely arbitrary value - KAO */
static int kmod_loop_msg;
+ const char * p;
+
+ /* For security reasons ensure the requested name consists
+ * only of allowed characters. Especially whitespace and
+ * shell metacharacters might confuse modprobe.
+ */
+ for (p = module_name; *p; p++)
+ {
+ if (isalnum(*p) || *p=='_' || *p=='-')
+ continue;
+
+ return -EINVAL;
+ }
+
/* Don't allow request_module() before the root fs is mounted! */
if ( ! current->fs->root ) {
printk(KERN_ERR "request_module[%s]: Root fs not mounted\n",
