[BusyBox] insmod with uClibc mystery bugs
Larry Doolittle
ldoolitt at recycle.lbl.gov
Tue Apr 24 19:48:33 UTC 2001
I scanned busybox insmod for memory allocation problems,
in particular buffer underruns. I didn't find any.
Maybe Richard (or anyone else with insmod problems)
could try again with dmalloc.
What happens in old_get_kernel_symbols if get_kernel_syms(NULL)
returns zero?
In new_get_kernel_symbols, would it be worth checking for a
double-fault on query_module? Something like
if (errno == ENOSPC && bufsize == 256) {
I did find some code that needed improvement, patch attached.
- Larry
--- /home/ldoolitt/cvs/busybox/insmod.c Thu Apr 5 10:37:51 2001
+++ insmod.c Tue Apr 24 12:22:45 2001
@@ -715,7 +715,7 @@
tmp++;
if (check_wildcard_match(tmp, fullName) == TRUE) {
/* Stop searching if we find a match */
- memcpy(m_filename, fileName, strlen(fileName)+1);
+ safe_strncpy(m_filename, fileName, sizeof(m_filename));
return (FALSE);
}
}
@@ -3163,7 +3163,8 @@
if (len > 2 && tmp[len - 2] == '.' && tmp[len - 1] == 'o')
len -= 2;
- strncpy(m_fullName, tmp, len);
+ memcpy(m_fullName, tmp, len);
+ m_fullName[len]='\0';
if (*m_name == '\0') {
strcpy(m_name, m_fullName);
}
@@ -3185,7 +3186,7 @@
} else
error_msg_and_die("No module named '%s' found in '%s'", m_fullName, _PATH_MODULES);
} else
- memcpy(m_filename, argv[optind], strlen(argv[optind]));
+ safe_strncpy(m_filename, argv[optind], sizeof(m_filename));
if ((f = obj_load(fp)) == NULL)
More information about the busybox
mailing list