(parent: 1d9c5d7)
livepatch: fix format string in kobject_init_and_add()
author Jiri Kosina <jkosina@suse.cz> Sun, 15 Feb 2015 09:03:20 +0000 (10:03 +0100)
committer Jiri Kosina <jkosina@suse.cz> Mon, 16 Feb 2015 15:26:56 +0000 (16:26 +0100)
kobject_init_and_add() expects a format string for a name, so we
better provide it in order to avoid infoleaks if modules craft their
mod->name in a special way.
Reported-by: Fengguang Wu <fengguang.wu@intel.com>
Reported-by: Kees Cook <keescook@chromium.org>
Acked-by: Seth Jennings <sjenning@redhat.com>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
kernel/livepatch/core.c
diff --git
a/kernel/livepatch/core.c
b/kernel/livepatch/core.c
index ff7f47d026ac48b21d6239f9db36ee8662585a45..69bf3aa3bde8200b0a39665898c6cfeab8699cdb 100644
(file)
--- a/
kernel/livepatch/core.c
+++ b/
kernel/livepatch/core.c
@@
-731,7
+731,7
@@
static int klp_init_func(struct klp_object *obj, struct klp_func *func)
func->state = KLP_DISABLED;
return kobject_init_and_add(&func->kobj, &klp_ktype_func,
- obj->kobj, func->old_name);
+ obj->kobj,
"%s",
func->old_name);
}
/* parts of the initialization that is done only when the object is loaded */
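Review bot: The commit message names only mod->name, but the call in klp_init_func() passes func->old_name, which also comes from the patch module and was likewise being used as the format argument; the log should mention both strings so the scope of the fix is clear from the history. The change itself is right: with the literal "%s" in the format position, any '%' sequences in old_name are copied as data rather than interpreted. Since the result is returned directly here, the caller is the one that has to handle a failure of kobject_init_and_add(); that caller is not visible in this hunk.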
@@
-807,7
+807,7
@@
static int klp_init_patch(struct klp_patch *patch)
patch->state = KLP_DISABLED;
ret = kobject_init_and_add(&patch->kobj, &klp_ktype_patch,
- klp_root_kobj, patch->mod->name);
+ klp_root_kobj,
"%s",
patch->mod->name);
if (ret)
goto unlock;
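Review bot: On the failure path in klp_init_patch(), `if (ret) goto unlock;` leaves right after kobject_init_and_add(), and that function requires kobject_put() on the kobject even when it returns an error; the code at the unlock label is not shown in this hunk, so please confirm it drops the reference on &patch->kobj. The format fix itself is correct: patch->mod->name now goes in as the argument to a literal "%s" instead of being parsed as the format. As a follow-up, building with -Wformat-security would flag any other call that passes a non-literal string in the format position.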