Patch "kconfig: fix possible buffer overflow" has been added to the 5.4-stable tree

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



This is a note to let you know that I've just added the patch titled

    kconfig: fix possible buffer overflow

to the 5.4-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     kconfig-fix-possible-buffer-overflow.patch
and it can be found in the queue-5.4 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.



commit 8ef64e4ea07d5ca53e6337b099278b92ac0e57b4
Author: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
Date:   Tue Sep 5 17:59:14 2023 +0800

    kconfig: fix possible buffer overflow
    
    [ Upstream commit a3b7039bb2b22fcd2ad20d59c00ed4e606ce3754 ]
    
    Buffer 'new_argv' is accessed without bound check after accessing with
    bound check via 'new_argc' index.
    
    Fixes: e298f3b49def ("kconfig: add built-in function support")
    Co-developed-by: Ivanov Mikhail <ivanov.mikhail1@xxxxxxxxxxxxxxxxxxx>
    Signed-off-by: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
    Signed-off-by: Masahiro Yamada <masahiroy@xxxxxxxxxx>
    Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>

diff --git a/scripts/kconfig/preprocess.c b/scripts/kconfig/preprocess.c
index 748da578b418c..d1f5bcff4b62d 100644
--- a/scripts/kconfig/preprocess.c
+++ b/scripts/kconfig/preprocess.c
@@ -396,6 +396,9 @@ static char *eval_clause(const char *str, size_t len, int argc, char *argv[])
 
 		p++;
 	}
+
+	if (new_argc >= FUNCTION_MAX_ARGS)
+		pperror("too many function arguments");
 	new_argv[new_argc++] = prev;
 
 	/*



[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux