mirror of
https://git.kernel.org/pub/scm/utils/kernel/kmod/kmod.git
synced 2024-11-14 14:33:50 +08:00
b6b27d3726
If an overly long signature is found in a module file, it is possible to trigger an out of boundary write in kmod_module_hex_to_str due to integer and subsequent heap buffer overflow. This approach replaces malloc + sprintf with a simple hex-lookup and a strbuf approach, being slightly faster in real life scenarios while adding around 100 bytes to library size. A much faster approach could be done without strbuf and using our overflow check functions, but readability should win here. Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org> Link: https://github.com/kmod-project/kmod/pull/236 Signed-off-by: Lucas De Marchi <lucas.de.marchi@gmail.com> |
||
---|---|---|
.. | ||
docs | ||
.gitignore | ||
COPYING | ||
libkmod-builtin.c | ||
libkmod-config.c | ||
libkmod-elf.c | ||
libkmod-file-xz.c | ||
libkmod-file-zlib.c | ||
libkmod-file-zstd.c | ||
libkmod-file.c | ||
libkmod-index.c | ||
libkmod-index.h | ||
libkmod-internal-file.h | ||
libkmod-internal.h | ||
libkmod-list.c | ||
libkmod-module.c | ||
libkmod-signature.c | ||
libkmod.c | ||
libkmod.h | ||
libkmod.pc.in | ||
libkmod.sym | ||
Makefile | ||
README |
libkmod - linux kernel module handling library ABSTRACT ======== libkmod was created to allow programs to easily insert, remove and list modules, also checking its properties, dependencies and aliases. there is no shared/global context information and it can be used by multiple sites on a single program, also being able to be used from threads, although it's not thread safe (you must lock explicitly). OVERVIEW ======== Every user should create and manage it's own library context with: struct kmod_ctx *ctx = kmod_new(kernel_dirname); kmod_unref(ctx); Modules can be created by various means: struct kmod_module *mod; int err; err = kmod_module_new_from_path(ctx, path, &mod); if (err < 0) { /* code */ } else { /* code */ kmod_module_unref(mod); } err = kmod_module_new_from_name(ctx, name, &mod); if (err < 0) { /* code */ } else { /* code */ kmod_module_unref(mod); } Or could be resolved from a known alias to a list of alternatives: struct kmod_list *list, *itr; int err; err = kmod_module_new_from_lookup(ctx, alias, &list); if (err < 0) { /* code */ } else { kmod_list_foreach(itr, list) { struct kmod_module *mod = kmod_module_get_module(itr); /* code */ } }