kallsyms: Use bounded strnchr() when parsing string
authorNaveen N. Rao <naveen.n.rao@linux.vnet.ibm.com>
Sun, 23 Apr 2017 17:23:43 +0000 (22:53 +0530)
committerJessica Yu <jeyu@redhat.com>
Mon, 24 Apr 2017 21:07:28 +0000 (14:07 -0700)
When parsing for the <module:name> format, we use strchr() to look for
the separator, when we know that the module name can't be longer than
MODULE_NAME_LEN. Enforce the same using strnchr().

Signed-off-by: Naveen N. Rao <naveen.n.rao@linux.vnet.ibm.com>
Reviewed-by: Masami Hiramatsu <mhiramat@kernel.org>
Signed-off-by: Jessica Yu <jeyu@redhat.com>
kernel/module.c

index 7eba6dea4f417dbf363731cf2a3cc374ce1d703b..d3bd56ed3541a423c5c0d9535df51654ac516557 100644 (file)
@@ -4017,7 +4017,7 @@ unsigned long module_kallsyms_lookup_name(const char *name)
 
        /* Don't lock: we're in enough trouble already. */
        preempt_disable();
-       if ((colon = strchr(name, ':')) != NULL) {
+       if ((colon = strnchr(name, MODULE_NAME_LEN, ':')) != NULL) {
                if ((mod = find_module_all(name, colon - name, false)) != NULL)
                        ret = mod_find_symname(mod, colon+1);
        } else {