[LEDE-DEV] [PATCH ubox 4/6] kmodloader: fix out-of-bound access when parsing .modinfo

Yousong Zhou yszhou4tech at gmail.com
Wed Jan 11 03:54:08 PST 2017


Fixes output of "modinfo nf_conntrack_ipv4"

    module:         /lib/modules/4.4.40/nf_conntrack_ipv4.ko
    license:        GPL
    alias:          ip_conntrack
    alias:          nf_conntrack-2
    depends:        nf_conntrack,nf_defrag_ipv4
    src:            %pI4 dst=%pI4

Signed-off-by: Yousong Zhou <yszhou4tech at gmail.com>
---
 kmodloader.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/kmodloader.c b/kmodloader.c
index b5dc4d1..7ea5544 100644
--- a/kmodloader.c
+++ b/kmodloader.c
@@ -302,12 +302,14 @@ static struct module* get_module_info(const char *module, const char *name)
 	}
 
 	strings = map + offset;
-	while (strings && (strings < map + offset + size)) {
+	while (true) {
 		char *sep;
 		int len;
 
 		while (!strings[0])
 			strings++;
+		if (strings >= map + offset + size)
+			break;
 		sep = strstr(strings, "=");
 		if (!sep)
 			break;
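Review bot: The skip loop `while (!strings[0]) strings++;` in get_module_info still runs before the new bounds check, so when the section ends in NUL padding it reads at and past `map + offset + size` until it meets a non-zero byte; if the section sits at the end of what `map` covers, that read goes beyond the mapped data. Bounding the loop itself closes this: `while (strings < map + offset + size && !strings[0]) strings++;`. The `strstr(strings, "=")` that follows is also unbounded, so a final entry without a terminating NUL in a malformed module would be scanned past the section end; a length-limited search such as `memchr(strings, '=', map + offset + size - strings)` avoids that, provided the rest of the loop body (outside this hunk) does not depend on the terminator. Both points apply unchanged to the identical loop in the print_modinfo hunk.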
@@ -410,12 +412,14 @@ static int print_modinfo(char *module)
 
 	strings = map + offset;
 	printf("module:\t\t%s\n", module);
-	while (strings && (strings < map + offset + size)) {
+	while (true) {
 		char *dup = NULL;
 		char *sep;
 
 		while (!strings[0])
 			strings++;
+		if (strings >= map + offset + size)
+			break;
 		sep = strstr(strings, "=");
 		if (!sep)
 			break;
-- 
2.6.4



