On 5/18/09, Andreas Robinson <andr345@xxxxxxxxx> wrote: > On Mon, 2009-05-18 at 17:14 +0100, Alan Jenkins wrote: >> On 5/18/09, Andreas Robinson <andr345@xxxxxxxxx> wrote: >> > get_section() and load_section() now return NULL if a section header >> > is corrupt and points to a block that lies partially or entirely >> > outside the file data buffer. >> >> Great! >> >> Just out of interest, do you have any ideas about adding bounds >> checking for strings? If I remember correctly, there's still a >> possibility for crashes if next_string() is used on a section which is >> missing a final NUL terminator. > > Hmm, you're right ... > > Would it be terribly ugly to have next_string() check that a terminator > exists at the end of the section and if it doesn't, insert one and then > write a warning message to the log? Yeah, terribly ugly :-). That would require mapping the file as copy on write (private). But I _think_ we should be able to run on NOMMU, where that is not supported. I would prefer that the program refuse to handle the module if it is discovered to be corrupt. I don't think we should try and work around such corruption. Alan -- To unsubscribe from this list: send the line "unsubscribe linux-modules" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
