On Sun, Feb 15, 2015 at 10:03:20AM +0100, Jiri Kosina wrote: > kobject_init_and_add() expects a format string for a name, so we > better provide it in order to avoid infoleaks if modules craft their > mod->name in a special way. > > Reported-by: Fengguang Wu <fengguang.wu@xxxxxxxxx> > Reported-by: Kees Cook <keescook@xxxxxxxxxxxx> > Signed-off-by: Jiri Kosina <jkosina@xxxxxxx> Looks good. Thanks for the report and fix! Acked-by: Seth Jennings <sjenning@xxxxxxxxxx> > --- > > v1 -> v2: Kees correctly pointed out a second instance of this bug in > klp_init_patch() > > kernel/livepatch/core.c | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/kernel/livepatch/core.c b/kernel/livepatch/core.c > index ff7f47d..69bf3aa 100644 > --- a/kernel/livepatch/core.c > +++ b/kernel/livepatch/core.c > @@ -731,7 +731,7 @@ static int klp_init_func(struct klp_object *obj, struct klp_func *func) > func->state = KLP_DISABLED; > > return kobject_init_and_add(&func->kobj, &klp_ktype_func, > - obj->kobj, func->old_name); > + obj->kobj, "%s", func->old_name); > } > > /* parts of the initialization that is done only when the object is loaded */ > @@ -807,7 +807,7 @@ static int klp_init_patch(struct klp_patch *patch) > patch->state = KLP_DISABLED; > > ret = kobject_init_and_add(&patch->kobj, &klp_ktype_patch, > - klp_root_kobj, patch->mod->name); > + klp_root_kobj, "%s", patch->mod->name); > if (ret) > goto unlock; > > -- > Jiri Kosina > SUSE Labs
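Review bot: The commit message names only mod->name as the string a module can craft, but the first hunk (klp_init_func(), the kobject_init_and_add() call on &func->kobj) fixes the same problem for func->old_name. The log should mention func->old_name as well, so that it covers both call sites the patch changes and a reader searching the history for the klp_init_func() fix finds it.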
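Review bot: The second hunk (klp_init_patch(), the kobject_init_and_add() call on &patch->kobj) is the instance that v1 missed and that was only caught in review, so the remaining kobject_init_and_add() callers in kernel/livepatch/core.c deserve an explicit check before this is merged. The two hunks shown cover klp_init_func() and klp_init_patch() only; a line in the v2 notes confirming that every other call in the file already passes a literal format string would close the question.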