Bug 115669 - possible buffer overflow in hwsetup
|
Bug#:
115669
|
Product: Gentoo Linux
|
Version: unspecified
|
Platform: x86
|
|
OS/Version: Linux
|
Status: RESOLVED
|
Severity: normal
|
Priority: P2
|
|
Resolution: FIXED
|
Assigned To: livecd@gentoo.org
|
Reported By: pharon@gmail.com
|
|
Component: Applications
|
|
|
URL:
|
|
Summary: possible buffer overflow in hwsetup
|
|
Keywords:
|
|
Status Whiteboard:
|
|
Opened: 2005-12-15 09:07 0000
|
I submitted a patch to implement dynamic blacklist generation in hwsetup using
/etc/hotplug/blacklist to prevent loading of misbehaving drivers from being loaded.
But if the file has more than 200 module names hwsetup will segfault. I attatch
a patch to add primitive bounds checking and reduce the memory footprint of the
function.
The coding is horrible maybe, can someone else who knows better can rewrite it
using malloc and realloc?
Reproducible: Always
Steps to Reproduce:
1.emerge hwsetup
2.fill up /etc/hotplug/blacklist with more than 200 module names
3.run hwsetup
3.segfault
Actual Results:
Segfault
Expected Results:
Doesn't segfault
The bug description on my blog http://www.phaeronix.net/node/74 with the patch
http://phaeronix.net/files/hwsetup-1.1-dyn_blacklist_bounds_check.patch.txt
Created an attachment (id=74814) [details]
patch to fix the segfault
this is primitive bounds checking. Someone with better skills could make this
using array of pointers to strings and use malloc and realloc, but I am too
lazy.
Thanks for the patch... currently my machines are down so I can't get this done
until after I get back power. I had gotten your email, but haven't had much
time to do anything with the local ice storms.
no problem beware of the frost bite :)
