Re: [Crash-utility] [PATCH v2] Fixed the segment fault when ikconfig passed nonstandard values
在 2021年01月05日 20:12, crash-utility-request(a)redhat.com 写道:
Date: Tue, 5 Jan 2021 09:45:11 +0800
From: liuyun01(a)tj.kylinos.cn
To: crash-utility(a)redhat.com
Cc: d.hatayama(a)fujitsu.com
Subject: [Crash-utility] [PATCH v2] Fixed the segment fault when
ikconfig passed nonstandard values
Message-ID: <20210105014511.1709-1-liuyun01(a)tj.kylinos.cn>
Content-Type: text/plain; charset=UTF-8
From: Jackie Liu <liuyun01(a)kylinos.cn>
Some strange reasons may cause kcore to collect some strange
entries of ikconfig, such as CONFIG_SECU+[some hex data] causes
the 'val' to be NULL, and then crashes when strdup.
CONFIG_SECU+[some hex data] to be **strings that don't
contain the delimitor string '='** and then strtok_r() interprets
it as consisting of a single token, hence val resulting in having NULL.
Thank you for the fix.
Acked-by: Lianbo Jiang <lijiang(a)redhat.com>
[d.hatayama(a)fujitsu.com: rewrite comment]
Suggested-by: HAGIO KAZUHITO(?? ??) <k-hagio-ab(a)nec.com>
Signed-off-by: Jackie Liu <liuyun01(a)kylinos.cn>
---
kernel.c | 14 +++++++++++---
1 file changed, 11 insertions(+), 3 deletions(-)
diff --git a/kernel.c b/kernel.c
index 9871637..c8182a6 100644
--- a/kernel.c
+++ b/kernel.c
@@ -10236,7 +10236,7 @@ static struct ikconfig_list {
char *val;
} *ikconfig_all;
-static void add_ikconfig_entry(char *line, struct ikconfig_list *ent)
+static int add_ikconfig_entry(char *line, struct ikconfig_list *ent)
{
char *tokptr, *name, *val;
@@ -10244,8 +10244,16 @@ static void add_ikconfig_entry(char *line, struct ikconfig_list
*ent)
sscanf(name, "CONFIG_%s", name);
val = strtok_r(NULL, "", &tokptr);
+ if (!val) {
+ if (CRASHDEBUG(2))
+ error(WARNING, "invalid ikconfig entry: %s\n", line);
+ return FALSE;
+ }
+
ent->name = strdup(name);
ent->val = strdup(val);
+
+ return TRUE;
}
static int setup_ikconfig(char *config)
@@ -10265,8 +10273,8 @@ static int setup_ikconfig(char *config)
ent++;
if (STRNEQ(ent, "CONFIG_")) {
- add_ikconfig_entry(ent,
- &ikconfig_all[kt->ikconfig_ents++]);
+ if (add_ikconfig_entry(ent, &ikconfig_all[kt->ikconfig_ents]))
+ kt->ikconfig_ents++;
if (kt->ikconfig_ents == IKCONFIG_MAX) {
error(WARNING, "ikconfig overflow.\n");
return 1;
-- 2.17.1