CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit

]> CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit

projects / FreeBSD / FreeBSD.git / commit

author	Jessica Clarke <jrtc27@FreeBSD.org>
	Thu, 15 Oct 2020 18:03:14 +0000 (18:03 +0000)
committer	Jessica Clarke <jrtc27@FreeBSD.org>
	Thu, 15 Oct 2020 18:03:14 +0000 (18:03 +0000)
commit	a98fa52ec6a656f9b1d8c4b00722ebba15a0efef
tree	7039bb5b6f2bc251e8819b52bf98c1821df40de0	tree \| snapshot
parent	43777a207df4289ba3cc0c16994ca4b6aae3adcf	commit \| diff

kldxref: Avoid buffer overflows in parse_pnp_list

We convert a string like "W32:vendor/device" into "I:vendor;I:device",
where the output is longer than the input, but only allocate space equal
to the length of the input, leading to a buffer overflow.

Instead use open_memstream so we get a safe dynamically-grown buffer.

Found by: CHERI
Reviewed by: imp, jhb (mentor)
Approved by: imp, jhb (mentor)
Obtained from: CheriBSD
Differential Revision: https://reviews.freebsd.org/D26637

usr.sbin/kldxref/kldxref.c

diff | blob | history

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom