kmod/libkmod
Tobias Stoeckmann b6b27d3726 libkmod: Fix overflow in kmod_module_hex_to_str
If an overly long signature is found in a module file, it is possible to
trigger an out of boundary write in kmod_module_hex_to_str due to
integer and subsequent heap buffer overflow.

This approach replaces malloc + sprintf with a simple hex-lookup and a
strbuf approach, being slightly faster in real life scenarios while
adding around 100 bytes to library size. A much faster approach could be
done without strbuf and using our overflow check functions, but
readability should win here.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
Link: https://github.com/kmod-project/kmod/pull/236
Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
2024-11-11 18:15:37 -06:00
..
docs docs: annotate the deprecated API 2024-10-23 23:19:11 -05:00
.gitignore
COPYING
libkmod-builtin.c Introduce and use u{add,mul}sz_overflow() helpers 2024-10-15 12:43:20 -05:00
libkmod-config.c libkmod: Avoid overflows while parsing files 2024-11-11 18:14:29 -06:00
libkmod-elf.c libkmod: Validate symbol names in ELF files 2024-11-07 13:40:36 -06:00
libkmod-file-xz.c libkmod: mass convert with clang-format 2024-09-24 09:59:20 -05:00
libkmod-file-zlib.c libkmod: mass convert with clang-format 2024-09-24 09:59:20 -05:00
libkmod-file-zstd.c libkmod: use bufferless zstd decompression 2024-09-23 09:53:48 -05:00
libkmod-file.c libkmod: Use pread where appropriate 2024-10-18 13:45:23 -05:00
libkmod-index.c libkmod: const struct index_mm as applicable 2024-11-07 13:43:49 -06:00
libkmod-index.h libkmod: const struct index_mm as applicable 2024-11-07 13:43:49 -06:00
libkmod-internal-file.h libkmod: mass convert with clang-format 2024-09-24 09:59:20 -05:00
libkmod-internal.h libkmod: Simplify module dependency parsing 2024-10-28 21:55:10 -05:00
libkmod-list.c libkmod: mass convert with clang-format 2024-09-24 09:59:20 -05:00
libkmod-module.c libkmod: Fix overflow in kmod_module_hex_to_str 2024-11-11 18:15:37 -06:00
libkmod-signature.c libkmod: mass convert with clang-format 2024-09-24 09:59:20 -05:00
libkmod.c libkmod: Simplify lookup_builtin_file() 2024-11-11 18:11:11 -06:00
libkmod.h libkmod: Fix typo in libkmod.h 2024-10-28 21:55:10 -05:00
libkmod.pc.in add Zstandard compression support 2020-09-10 21:55:01 -07:00
libkmod.sym libkmod: document the symbols file 2024-09-14 17:51:01 -05:00
Makefile build-sys: add small redirecting Makefiles 2014-03-06 01:59:58 -03:00
README README: Move items from TODO 2013-07-17 02:31:27 -03:00

libkmod - linux kernel module handling library

ABSTRACT
========

libkmod was created to allow programs to easily insert, remove and
list modules, also checking its properties, dependencies and aliases.

there is no shared/global context information and it can be used by
multiple sites on a single program, also being able to be used from
threads, although it's not thread safe (you must lock explicitly).


OVERVIEW
========

Every user should create and manage it's own library context with:

   struct kmod_ctx *ctx = kmod_new(kernel_dirname);
   kmod_unref(ctx);


Modules can be created by various means:

   struct kmod_module *mod;
   int err;

   err = kmod_module_new_from_path(ctx, path, &mod);
   if (err < 0) {
      /* code */
   } else {
      /* code */
      kmod_module_unref(mod);
   }

   err = kmod_module_new_from_name(ctx, name, &mod);
   if (err < 0) {
      /* code */
   } else {
      /* code */
      kmod_module_unref(mod);
   }


Or could be resolved from a known alias to a list of alternatives:

   struct kmod_list *list, *itr;
   int err;
   err = kmod_module_new_from_lookup(ctx, alias, &list);
   if (err < 0) {
      /* code */
   } else {
      kmod_list_foreach(itr, list) {
         struct kmod_module *mod = kmod_module_get_module(itr);
         /* code */
      }
   }