RE: [PATCH v2 1/5] kprobes: convert kprobe_lookup_name() to a function

[PATCH v2 0/5] powerpc: a few kprobe fixes and refactoring · Naveen N. Rao <hidden> · 2017-04-12
[PATCH v2 2/5] powerpc: kprobes: fix handling of function offsets on ABIv2 · Naveen N. Rao <hidden> · 2017-04-12
Re: [PATCH v2 2/5] powerpc: kprobes: fix handling of function offsets on ABIv2 · Masami Hiramatsu <mhiramat@kernel.org> · 2017-04-13
[PATCH v2 1/5] kprobes: convert kprobe_lookup_name() to a function · Naveen N. Rao <hidden> · 2017-04-12
Re: [PATCH v2 1/5] kprobes: convert kprobe_lookup_name() to a function · Masami Hiramatsu <mhiramat@kernel.org> · 2017-04-13
RE: [PATCH v2 1/5] kprobes: convert kprobe_lookup_name() to a function · David Laight <hidden> · 2017-04-18
RE: [PATCH v2 1/5] kprobes: convert kprobe_lookup_name() to a function · Naveen N. Rao <hidden> · 2017-04-19
RE: [PATCH v2 1/5] kprobes: convert kprobe_lookup_name() to a function · David Laight <hidden> · 2017-04-19
Re: [PATCH v2 1/5] kprobes: convert kprobe_lookup_name() to a function · 'Naveen N. Rao' <hidden> · 2017-04-19
[PATCH v2 4/5] powerpc: kprobes: factor out code to emulate instruction into a helper · Naveen N. Rao <hidden> · 2017-04-12
Re: [PATCH v2 4/5] powerpc: kprobes: factor out code to emulate instruction into a helper · Masami Hiramatsu <mhiramat@kernel.org> · 2017-04-13
Re: [PATCH v2 4/5] powerpc: kprobes: factor out code to emulate instruction into a helper · Naveen N. Rao <hidden> · 2017-04-13
Re: [PATCH v2 4/5] powerpc: kprobes: factor out code to emulate instruction into a helper · Naveen N. Rao <hidden> · 2017-04-13
[PATCH v2 5/5] powerpc: kprobes: emulate instructions on kprobe handler re-entry · Naveen N. Rao <hidden> · 2017-04-12
Re: [PATCH v2 5/5] powerpc: kprobes: emulate instructions on kprobe handler re-entry · Masami Hiramatsu <mhiramat@kernel.org> · 2017-04-13
Re: [PATCH v2 5/5] powerpc: kprobes: emulate instructions on kprobe handler re-entry · Naveen N. Rao <hidden> · 2017-04-13
[PATCH v2 3/5] powerpc: introduce a new helper to obtain function entry points · Naveen N. Rao <hidden> · 2017-04-12
Re: [PATCH v2 3/5] powerpc: introduce a new helper to obtain function entry points · Masami Hiramatsu <mhiramat@kernel.org> · 2017-04-13
Re: [PATCH v2 3/5] powerpc: introduce a new helper to obtain function entry points · Naveen N. Rao <hidden> · 2017-04-13
Re: [PATCH v2 0/5] powerpc: a few kprobe fixes and refactoring · Masami Hiramatsu <mhiramat@kernel.org> · 2017-04-13
Re: [PATCH v2 0/5] powerpc: a few kprobe fixes and refactoring · Naveen N. Rao <hidden> · 2017-04-13

From: David Laight <hidden>
Date: 2017-04-18 12:52:30
Also in: lkml

From: Naveen N. Rao

Sent: 12 April 2017 11:58

...

+kprobe_opcode_t *kprobe_lookup_name(const char *name)
+{

...

+	char dot_name[MODULE_NAME_LEN + 1 + KSYM_NAME_LEN];
+	const char *modsym;
+	bool dot_appended =3D false;
+	if ((modsym =3D strchr(name, ':')) !=3D NULL) {
+		modsym++;
+		if (*modsym !=3D '\0' && *modsym !=3D '.') {
+			/* Convert to <module:.symbol> */
+			strncpy(dot_name, name, modsym - name);
+			dot_name[modsym - name] =3D '.';
+			dot_name[modsym - name + 1] =3D '\0';
+			strncat(dot_name, modsym,
+				sizeof(dot_name) - (modsym - name) - 2);
+			dot_appended =3D true;

If the ':' is 'a way down' name[] then although the strncpy() won't
overrun dot_name[] the rest of the code can.

The strncat() call is particularly borked.

	David

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help