Richard W.M. Jones
2016-May-25 16:38 UTC
[Libguestfs] [PATCH] init: Don't allocate modules on the stack (RHBZ#1339691).
If the modules are unstripped and/or especially large, then the stack can overflow. --- init/init.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/init/init.c b/init/init.c index 106be02..733d66e 100644 --- a/init/init.c +++ b/init/init.c @@ -314,7 +314,11 @@ insmod (const char *filename) exit (EXIT_FAILURE); } size = st.st_size; - char buf[size]; + char *buf = malloc (size); + if (buf == NULL) { + fprintf (stderr, "insmod: malloc (%s, %zu bytes): %m\n", filename, size); + exit (EXIT_FAILURE); + } size_t offset = 0; do { ssize_t rc = read (fd, buf + offset, size - offset); @@ -332,6 +336,8 @@ insmod (const char *filename) * of a missing device. */ } + + free (buf); } /* Mount /proc unless it's mounted already. */ -- 2.7.4
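Review bot: in the first hunk, `malloc (size)` takes `size` straight from `st.st_size`, so a zero-length module file reaches `malloc (0)`, which is permitted to return NULL on some C libraries and would then be reported by the new `if (buf == NULL)` branch as an allocation failure rather than as an empty file. Consider rejecting `size == 0` before allocating so the diagnostic names the real problem; apart from that, the NULL check and the `%m`-based message are consistent with the existing `exit (EXIT_FAILURE)` handling for the stat failure just above it.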
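Review bot: in the second hunk, the new `free (buf)` sits after the closing brace of the "missing device" comment block, so it only runs on the straight-line path through insmod; because the buffer is now heap-allocated instead of an automatic array, any `return` between the `malloc` and this point (for example in the read loop's error handling, which is outside the context shown) would now leak the buffer where the old VLA was released automatically. Please confirm that every path out of insmod after the `malloc` either reaches this `free` or calls `exit`, and add a `free (buf)` before any early return that does not.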
Pino Toscano
2016-May-25 17:05 UTC
Re: [Libguestfs] [PATCH] init: Don't allocate modules on the stack (RHBZ#1339691).
On Wednesday 25 May 2016 17:38:47 Richard W.M. Jones wrote:
> If the modules are unstripped and/or especially large, then the stack
> can overflow.
> ---

LGTM.

-- 
Pino Toscano
Richard W.M. Jones
2016-May-25 18:32 UTC
Re: [Libguestfs] [PATCH] init: Don't allocate modules on the stack (RHBZ#1339691).
On Wed, May 25, 2016 at 07:05:47PM +0200, Pino Toscano wrote:
> On Wednesday 25 May 2016 17:38:47 Richard W.M. Jones wrote:
> > If the modules are unstripped and/or especially large, then the stack
> > can overflow.
> > ---
>
> LGTM.

Yup, Luiz Capitulino (the bug reporter) tested it and confirms it works
too.

Rich.

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
virt-df lists disk usage of guests without needing to install any
software inside the virtual machine.  Supports Linux and Windows.
http://people.redhat.com/~rjones/virt-df/