43 lines
1.1 KiB
Diff
43 lines
1.1 KiB
Diff
|
From 557952500a10513120e90e5118c53030363a778e Mon Sep 17 00:00:00 2001
|
||
|
From: "Richard W.M. Jones" <rjones@redhat.com>
|
||
|
Date: Wed, 25 May 2016 17:29:16 +0100
|
||
|
Subject: [PATCH 2/7] init: Don't allocate modules on the stack (RHBZ#1339691).
|
||
|
|
||
|
If the modules are unstripped and/or especially large, then the stack
|
||
|
can overflow.
|
||
|
|
||
|
Thanks: Luiz Capitulino for testing.
|
||
|
---
|
||
|
init/init.c | 8 +++++++-
|
||
|
1 file changed, 7 insertions(+), 1 deletion(-)
|
||
|
|
||
|
diff --git a/init/init.c b/init/init.c
|
||
|
index 106be02..733d66e 100644
|
||
|
--- a/init/init.c
|
||
|
+++ b/init/init.c
|
||
|
@@ -314,7 +314,11 @@ insmod (const char *filename)
|
||
|
exit (EXIT_FAILURE);
|
||
|
}
|
||
|
size = st.st_size;
|
||
|
- char buf[size];
|
||
|
+ char *buf = malloc (size);
|
||
|
+ if (buf == NULL) {
|
||
|
+ fprintf (stderr, "insmod: malloc (%s, %zu bytes): %m\n", filename, size);
|
||
|
+ exit (EXIT_FAILURE);
|
||
|
+ }
|
||
|
size_t offset = 0;
|
||
|
do {
|
||
|
ssize_t rc = read (fd, buf + offset, size - offset);
|
||
|
@@ -332,6 +336,8 @@ insmod (const char *filename)
|
||
|
* of a missing device.
|
||
|
*/
|
||
|
}
|
||
|
+
|
||
|
+ free (buf);
|
||
|
}
|
||
|
|
||
|
/* Mount /proc unless it's mounted already. */
|
||
|
--
|
||
|
2.7.4
|
||
|
|