Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/2217428/?format=api
{ "id": 2217428, "url": "http://patchwork.ozlabs.org/api/patches/2217428/?format=api", "web_url": "http://patchwork.ozlabs.org/project/linux-um/patch/20260329030945.32368-1-pengpeng@iscas.ac.cn/", "project": { "id": 60, "url": "http://patchwork.ozlabs.org/api/projects/60/?format=api", "name": "User-mode Linux Development", "link_name": "linux-um", "list_id": "linux-um.lists.infradead.org", "list_email": "linux-um@lists.infradead.org", "web_url": "", "scm_url": "", "webscm_url": "", "list_archive_url": "", "list_archive_url_format": "", "commit_url_format": "" }, "msgid": "<20260329030945.32368-1-pengpeng@iscas.ac.cn>", "list_archive_url": null, "date": "2026-03-29T03:09:45", "name": "um: mconsole: validate notify socket path length", "commit_ref": null, "pull_url": null, "state": "new", "archived": false, "hash": "1e510e2a03e83e0114445ed7e4b86552ab49ce8c", "submitter": { "id": 93000, "url": "http://patchwork.ozlabs.org/api/people/93000/?format=api", "name": "Pengpeng Hou", "email": "pengpeng@iscas.ac.cn" }, "delegate": null, "mbox": "http://patchwork.ozlabs.org/project/linux-um/patch/20260329030945.32368-1-pengpeng@iscas.ac.cn/mbox/", "series": [ { "id": 497895, "url": "http://patchwork.ozlabs.org/api/series/497895/?format=api", "web_url": "http://patchwork.ozlabs.org/project/linux-um/list/?series=497895", "date": "2026-03-29T03:09:45", "name": "um: mconsole: validate notify socket path length", "version": 1, "mbox": "http://patchwork.ozlabs.org/series/497895/mbox/" } ], "comments": "http://patchwork.ozlabs.org/api/patches/2217428/comments/", "check": "pending", "checks": "http://patchwork.ozlabs.org/api/patches/2217428/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "\n <linux-um-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org>", "X-Original-To": "incoming@patchwork.ozlabs.org", "Delivered-To": "patchwork-incoming@legolas.ozlabs.org", "Authentication-Results": [ "legolas.ozlabs.org;\n\tdkim=pass (2048-bit key;\n secure) header.d=lists.infradead.org header.i=@lists.infradead.org\n header.a=rsa-sha256 header.s=bombadil.20210309 header.b=n1lBtE05;\n\tdkim-atps=neutral", "legolas.ozlabs.org;\n spf=none (no SPF record) smtp.mailfrom=lists.infradead.org\n (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org;\n envelope-from=linux-um-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org;\n receiver=patchwork.ozlabs.org)" ], "Received": [ "from bombadil.infradead.org (bombadil.infradead.org\n [IPv6:2607:7c80:54:3::133])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519 server-signature ECDSA (secp384r1) server-digest SHA384)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4fjzrt5V3tz1yG8\n\tfor <incoming@patchwork.ozlabs.org>; Sun, 29 Mar 2026 14:10:03 +1100 (AEDT)", "from localhost ([::1] helo=bombadil.infradead.org)\n\tby bombadil.infradead.org with esmtp (Exim 4.98.2 #2 (Red Hat Linux))\n\tid 1w6gXF-00000009VfV-0oPc;\n\tSun, 29 Mar 2026 03:09:57 +0000", "from smtp21.cstnet.cn ([159.226.251.21] helo=cstnet.cn)\n\tby bombadil.infradead.org with esmtps (Exim 4.98.2 #2 (Red Hat Linux))\n\tid 1w6gXB-00000009Veb-2n5R\n\tfor linux-um@lists.infradead.org;\n\tSun, 29 Mar 2026 03:09:56 +0000", "from localhost.localdomain (unknown [111.196.245.197])\n\tby APP-01 (Coremail) with SMTP id qwCowAB3IGz5l8hpjed8Cw--.19840S2;\n\tSun, 29 Mar 2026 11:09:46 +0800 (CST)" ], "DKIM-Signature": "v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;\n\td=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help\n\t:List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding:\n\tMIME-Version:Message-ID:Date:Subject:Cc:To:From:Reply-To:Content-Type:\n\tContent-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:\n\tResent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Owner;\n\tbh=vPUDs9herVbVdCq0bGYVZbmn199dX3bbrORgulYooRg=; b=n1lBtE05t9gqxF5zQ3i8ov1W7C\n\tWrYMCDNP0IKpiRaFdUkeY89vWHimSI4ak8zZuWsAxcEtG1SloSaWNBCrnj0uO/pJFgv5PtQV+vOea\n\tah2mvRHdAfaohS++Qk8hUe5VlaB2TnbR7uxcBpPqaUvxFfnBlKD/rf2qkzpTRTODXZxl7qZ+xOEzG\n\t2zPjOFMw7pxc8Ox8nKNkYY9CcCSMYFBqKGC7sr/RpWgW8UtGgcm3Ehw9bc4aLv/+123LRUL/Fy9SZ\n\t7oGVkw8zCOMacgYWoyMDUuXsoJUrrPTajnZ1yoJUM1Lpn014oY/y4drfN0xHNISzjZ4uUNlP0c55T\n\tF//YW0og==;", "From": "Pengpeng Hou <pengpeng@iscas.ac.cn>", "To": "richard@nod.at,\n\tanton.ivanov@cambridgegreys.com,\n\tjohannes@sipsolutions.net", "Cc": "linux-um@lists.infradead.org,\n\tlinux-kernel@vger.kernel.org,\n\tpengpeng@iscas.ac.cn", "Subject": "[PATCH] um: mconsole: validate notify socket path length", "Date": "Sun, 29 Mar 2026 11:09:45 +0800", "Message-ID": "<20260329030945.32368-1-pengpeng@iscas.ac.cn>", "X-Mailer": "git-send-email 2.50.1", "MIME-Version": "1.0", "Content-Transfer-Encoding": "8bit", "X-CM-TRANSID": "qwCowAB3IGz5l8hpjed8Cw--.19840S2", "X-Coremail-Antispam": "1UD129KBjvdXoW7JrWkJw43Kw4xXr4UJr45GFg_yoWkXwcE9r\n\ty5Zws3KryfuFyDtF13Cwn3XrWak34kZFnxuF4jqFWaya43Wr1akrWvy3sxur1UWr1rWFs7\n\tAas7AryF93WjgjkaLaAFLSUrUUUUjb8apTn2vfkv8UJUUUU8Yxn0WfASr-VFAUDa7-sFnT\n\t9fnUUIcSsGvfJTRUUUb4xFF20E14v26r1j6r4UM7CY07I20VC2zVCF04k26cxKx2IYs7xG\n\t6rWj6s0DM7CIcVAFz4kK6r1j6r18M28lY4IEw2IIxxk0rwA2F7IY1VAKz4vEj48ve4kI8w\n\tA2z4x0Y4vE2Ix0cI8IcVAFwI0_Gr0_Xr1l84ACjcxK6xIIjxv20xvEc7CjxVAFwI0_Gr0_\n\tCr1l84ACjcxK6I8E87Iv67AKxVWxJr0_GcWl84ACjcxK6I8E87Iv6xkF7I0E14v26F4UJV\n\tW0owAS0I0E0xvYzxvE52x082IY62kv0487Mc02F40EFcxC0VAKzVAqx4xG6I80ewAv7VC0\n\tI7IYx2IY67AKxVWUXVWUAwAv7VC2z280aVAFwI0_Jr0_Gr1lOx8S6xCaFVCjc4AY6r1j6r\n\t4UM4x0Y48IcxkI7VAKI48JM4x0x7Aq67IIx4CEVc8vx2IErcIFxwCY1x0262kKe7AKxVWU\n\tAVWUtwCF04k20xvY0x0EwIxGrwCFx2IqxVCFs4IE7xkEbVWUJVW8JwC20s026c02F40E14\n\tv26r1j6r18MI8I3I0E7480Y4vE14v26r106r1rMI8E67AF67kF1VAFwI0_JF0_Jw1lIxkG\n\tc2Ij64vIr41lIxAIcVC0I7IYx2IY67AKxVWUJVWUCwCI42IY6xIIjxv20xvEc7CjxVAFwI\n\t0_Gr0_Cr1lIxAIcVCF04k26cxKx2IYs7xG6r1j6r1xMIIF0xvEx4A2jsIE14v26r1j6r4U\n\tMIIF0xvEx4A2jsIEc7CjxVAFwI0_Gr0_Gr1UYxBIdaVFxhVjvjDU0xZFpf9x0JUDpnQUUU\n\tUU=", "X-Originating-IP": "[111.196.245.197]", "X-CM-SenderInfo": "pshqw1xhqjqxpvfd2hldfou0/", "X-CRM114-Version": "20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 ", "X-CRM114-CacheID": "sfid-20260328_200954_088544_1B8F002D ", "X-CRM114-Status": "UNSURE ( 8.26 )", "X-CRM114-Notice": "Please train this message.", "X-Spam-Score": "-4.2 (----)", "X-Spam-Report": "Spam detection software,\n running on the system \"bombadil.infradead.org\",\n has NOT identified this incoming email as spam. The original\n message has been attached to this so you can view it or label\n similar future email. If you have any questions, see\n the administrator of that system for details.\n Content preview: mconsole_notify() copies the notify socket path into\n sockaddr_un.sun_path\n with strcpy(). There is no local check that the supplied path fits in the\n fixed Unix-domain socket path buffer. Reject notify socket paths that do\n not fit in sun_path instead of copying them blindly.\n Content analysis details: (-4.2 points, 5.0 required)\n pts rule name description\n ---- ----------------------\n --------------------------------------------------\n -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/,\n medium trust\n [159.226.251.21 listed in list.dnswl.org]\n 0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to\n Validity was blocked. See\n https://knowledge.validity.com/hc/en-us/articles/20961730681243\n for more information.\n [159.226.251.21 listed in\n bl.score.senderscore.com]\n 0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The\n query to Validity was blocked. See\n https://knowledge.validity.com/hc/en-us/articles/20961730681243\n for more information.\n [159.226.251.21 listed in\n sa-trusted.bondedsender.org]\n 0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to\n Validity was blocked. See\n https://knowledge.validity.com/hc/en-us/articles/20961730681243\n for more information.\n [159.226.251.21 listed in sa-accredit.habeas.com]\n -0.0 SPF_PASS SPF: sender matches SPF record\n -0.0 SPF_HELO_PASS SPF: HELO matches SPF record\n -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1%\n [score: 0.0000]", "X-BeenThere": "linux-um@lists.infradead.org", "X-Mailman-Version": "2.1.34", "Precedence": "list", "List-Id": "<linux-um.lists.infradead.org>", "List-Unsubscribe": "<http://lists.infradead.org/mailman/options/linux-um>,\n <mailto:linux-um-request@lists.infradead.org?subject=unsubscribe>", "List-Archive": "<http://lists.infradead.org/pipermail/linux-um/>", "List-Post": "<mailto:linux-um@lists.infradead.org>", "List-Help": "<mailto:linux-um-request@lists.infradead.org?subject=help>", "List-Subscribe": "<http://lists.infradead.org/mailman/listinfo/linux-um>,\n <mailto:linux-um-request@lists.infradead.org?subject=subscribe>", "Sender": "\"linux-um\" <linux-um-bounces@lists.infradead.org>", "Errors-To": "linux-um-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org" }, "content": "mconsole_notify() copies the notify socket path into sockaddr_un.sun_path with strcpy(). There is no local check that the supplied path fits in the fixed Unix-domain socket path buffer.\n\nReject notify socket paths that do not fit in sun_path instead of copying them blindly.\n\nSigned-off-by: Pengpeng Hou <pengpeng@iscas.ac.cn>\n---\n arch/um/drivers/mconsole_user.c | 5 ++++-\n 1 file changed, 4 insertions(+), 1 deletion(-)", "diff": "diff --git a/arch/um/drivers/mconsole_user.c b/arch/um/drivers/mconsole_user.c\nindex a04cd13c6315..2c0d2984055c 100644\n--- a/arch/um/drivers/mconsole_user.c\n+++ b/arch/um/drivers/mconsole_user.c\n@@ -198,8 +198,11 @@ int mconsole_notify(char *sock_name, int type, const void *data, int len)\n \tif (err)\n \t\treturn err;\n \n+\tmemset(&target, 0, sizeof(target));\n \ttarget.sun_family = AF_UNIX;\n-\tstrcpy(target.sun_path, sock_name);\n+\tif (snprintf(target.sun_path, sizeof(target.sun_path), \"%s\", sock_name) >=\n+\t sizeof(target.sun_path))\n+\t\treturn -EINVAL;\n \n \tpacket.magic = MCONSOLE_MAGIC;\n \tpacket.version = MCONSOLE_VERSION;\n", "prefixes": [] }