kbuild: replace unbounded sprintf call in modpost

The modpost tool could overflow its stack buffer if someone was running with an insane shell environment. Regardless, it's technically a bug, so this fixes it to truncate the string instead of seg-faulting. Found by Coverity. Signed-off-by: N Kees Cook <keescook@chromium.org> Signed-off-by: N Michal Marek <mmarek@suse.cz>

kbuild: replace unbounded sprintf call in modpost
The modpost tool could overflow its stack buffer if someone was running with an insane shell environment. Regardless, it's technically a bug, so this fixes it to truncate the string instead of seg-faulting. Found by Coverity. Signed-off-by: N Kees Cook <keescook@chromium.org> Signed-off-by: N Michal Marek <mmarek@suse.cz>
849464d1 · Kees Cook · Michal Marek · 21cf6e58 · 849464d1
隐藏空白更改
内联并排

Showing with 1 addition and 1 deletion

scripts/mod/sumversion.c scripts/mod/sumversion.c +1 -1

未找到文件。
--- a/scripts/mod/sumversion.c
+++ b/scripts/mod/sumversion.c
@@ -416,7 +416,7 @@ void get_src_version(const char *modname, char sum[], unsigned sumlen)
 		basename = strrchr(modname, '/') + 1;
 	else
 		basename = modname;
-	sprintf(filelist, "%s/%.*s.mod", modverdir,
+	snprintf(filelist, sizeof(filelist), "%s/%.*s.mod", modverdir,
 		(int) strlen(basename) - 2, basename);

 	file = grab_file(filelist, &len);