On 5/18/09, Andreas Robinson <andr345@xxxxxxxxx> wrote: > get_section() and load_section() now return NULL if a section header > is corrupt and points to a block that lies partially or entirely > outside the file data buffer. If we want to completely replace segfaults with informative error messages, I think there's a missing safety test elfops_core.c-117- /* Old-style. */ elfops_core.c:118: ksyms = PERBIT(load_section)(module, "__ksymtab", &size); elfops_core.c-119- for (i = 0; i < size / sizeof(struct PERBIT(kernel_symbol)); i++) elfops_core.c-120- symtbl = NOFAIL(strtbl_add(ksyms[i].name, symtbl)); elfops_core.c:121: ksyms = PERBIT(load_section)(module, "__gpl_ksymtab", &size); elfops_core.c-122- for (i = 0; i < size / sizeof(struct PERBIT(kernel_symbol)); i++) elfops_core.c-123- symtbl = NOFAIL(strtbl_add(ksyms[i].name, symtbl)); load_section() can return early, leaving the value "size" undefined. -- To unsubscribe from this list: send the line "unsubscribe linux-modules" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
