kbuild: replace unbounded sprintf call in modpost

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

The modpost tool could overflow its stack buffer if someone was running
with an insane shell environment. Regardless, it's technically a bug,
so this fixes it to truncate the string instead of seg-faulting.

Found by Coverity.

Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Michal Marek <mmarek@suse.cz>

authored by

Kees Cook and committed by

Michal Marek 12 years ago 849464d1 21cf6e58

+1 -1

1 changed file

expand all

scripts

mod

sumversion.c

+1 -1

scripts/mod/sumversion.c

··· 416 416 basename = strrchr(modname, '/') + 1; 417 417 else 418 418 basename = modname; 419 - sprintf(filelist, "%s/%.*s.mod", modverdir, 419 + snprintf(filelist, sizeof(filelist), "%s/%.*s.mod", modverdir, 420 420 (int) strlen(basename) - 2, basename); 421 421 422 422 file = grab_file(filelist, &len);