[BusyBox] insmod with uClibc mystery bugs

Larry Doolittle ldoolitt at recycle.lbl.gov
Tue Apr 24 19:48:33 UTC 2001


I scanned busybox insmod for memory allocation problems,
in particular buffer underruns.  I didn't find any.
Maybe Richard (or anyone else with insmod problems)
could try again with dmalloc.

What happens in old_get_kernel_symbols if get_kernel_syms(NULL)
returns zero?

In new_get_kernel_symbols, would it be worth checking for a
double-fault on query_module?  Something like
	if (errno == ENOSPC && bufsize == 256) {

I did find some code that needed improvement, patch attached.

      - Larry

--- /home/ldoolitt/cvs/busybox/insmod.c	Thu Apr  5 10:37:51 2001
+++ insmod.c	Tue Apr 24 12:22:45 2001
@@ -715,7 +715,7 @@
 			tmp++;
 		if (check_wildcard_match(tmp, fullName) == TRUE) {
 			/* Stop searching if we find a match */
-			memcpy(m_filename, fileName, strlen(fileName)+1);
+			safe_strncpy(m_filename, fileName, sizeof(m_filename));
 			return (FALSE);
 		}
 	}
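
Review bot: sizeof(m_filename) in the added safe_strncpy call is the
buffer size only if m_filename is declared as an array visible at this
point; the declaration is not in this hunk, so please confirm it is not
a pointer, where sizeof would give the pointer size instead. Separately,
a fileName longer than the buffer is now truncated without any message
and the function still returns as for a match; consider comparing
strlen(fileName) against sizeof(m_filename) and reporting an error.
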
@@ -3163,7 +3163,8 @@
 
 	if (len > 2 && tmp[len - 2] == '.' && tmp[len - 1] == 'o')
 		len -= 2;
-	strncpy(m_fullName, tmp, len);
+	memcpy(m_fullName, tmp, len);
+	m_fullName[len]='\0';
 	if (*m_name == '\0') {
 		strcpy(m_name, m_fullName);
 	}
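
Review bot: len is never checked against the size of m_fullName before
memcpy(m_fullName, tmp, len) and m_fullName[len]='\0'. The explicit
terminator supplies the NUL that strncpy does not write when tmp has at
least len characters, but the copy itself is still unbounded, and so is
the strcpy(m_name, m_fullName) in the context line that follows.
Suggest rejecting len >= sizeof(m_fullName) before the copy, or using
safe_strncpy here as the other two hunks do, and bounding the copy into
m_name as well.
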
@@ -3185,7 +3186,7 @@
 		} else
 			error_msg_and_die("No module named '%s' found in '%s'", m_fullName, _PATH_MODULES);
 	} else
-		memcpy(m_filename, argv[optind], strlen(argv[optind]));
+		safe_strncpy(m_filename, argv[optind], sizeof(m_filename));
 
 
 	if ((f = obj_load(fp)) == NULL)
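
Review bot: with safe_strncpy(m_filename, argv[optind],
sizeof(m_filename)), a command-line path longer than m_filename is
shortened silently and execution continues to obj_load(fp) with
m_filename holding a name the user did not pass. Suggest checking
strlen(argv[optind]) against sizeof(m_filename) first and exiting
through error_msg_and_die, which this block already uses, when the
argument does not fit.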




