From patchwork Tue Aug 31 08:25:53 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nick X-Patchwork-Id: 1522480 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.openwrt.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org; receiver=) Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=QF5OgbTt; dkim=fail reason="signature verification failed" (2048-bit key; secure) header.d=systemli.org header.i=@systemli.org header.a=rsa-sha256 header.s=default header.b=EXTShUqc; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4GzL1v3f6Bz9s5R for ; Tue, 31 Aug 2021 18:28:47 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:Message-Id:Date:Subject:Cc :To:From:Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References: List-Owner; bh=k8RAg1+wICCcBg1RF2wQ+6FRpzXYNdqtKsmLPrjkCnQ=; b=QF5OgbTtFXgf0I l2xM8zui4xuQ5ptLhikduu82mQLjl1DsM7fbQOQDMGGDvXxVmJMqXTdB6379YbHh7px3hFoK+jl2o 6f7uQ+gqb4z2bgqEklusoZJZVe+yRSHbWi9j+RJIVnCxNtuCKdIHXIpUc4ZoPMXKmN+dQ5Uk2AAsp GpyMqg+0HiTN5DrtLIWQwQZvODYRSSjFjjFkIcCEunYLNXmzP96zv+koVUp5n319U/Rk3fdcJtf9u kUhaQGPIu+4v6nJ4jLSUItJbOLcZnKkcj9NyeTbeFgKOHXvHfZCxtHw9dyfv7j6JVhnOMMCq7fXXu 0sNVdEBjodoQoozc6KRw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1mKz5v-001npo-Dd; Tue, 31 Aug 2021 08:26:11 +0000 Received: from mail1.systemli.org ([2a00:c38:11e:ffff::a032]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1mKz5o-001np6-Kv for openwrt-devel@lists.openwrt.org; Tue, 31 Aug 2021 08:26:09 +0000 From: vincent@systemli.org DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=systemli.org; s=default; t=1630398359; bh=fxce2swyzBZ/H2lV7ga6jUspJTx0/mDcWIUYXMHu0jQ=; h=From:To:Cc:Subject:Date:From; b=EXTShUqctUL+bYKPfYX8Vxg7ZIos0mJf1bkQvW4ltKWObEog0vszHRX9Jg5uSlXoJ QXWAmfddUtsFCIUYROCQjrv9w/CEFDPuyrdzxrPczgZObE4YQKUhPZFYHqnkUkVMGr NRpC5Hk8dUierIlLv5/PW2BkIxXblLY7ndDIrH43mfGQWGsjK0zbO6T9WL7oI5JW4d 9y0JItZZnb67FWm/zH1UXZP30D6dXDnQdCYFVSTytOU4zDEfB4gYrgkegARMPmbuuF c+Wy0upiGWP/3OQAzP9qW4NpJFFrqimOvQ+keQIq+aMYKRdVOhIWjJYz5biQo7CeVP CDNs5hbGtDcAw== To: openwrt-devel@lists.openwrt.org Cc: Nick Hainke Subject: [PATCH] Revert "initd: fix off-by-one error in mkdev.c" Date: Tue, 31 Aug 2021 10:25:53 +0200 Message-Id: <20210831082553.430839-1-vincent@systemli.org> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20210831_012605_033539_E3EE2DA5 X-CRM114-Status: GOOD ( 10.64 ) X-Spam-Score: -0.2 (/) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Nick Hainke This reverts commit 8eb1d783cca6e0d501dd3a2f94262ffc36ae6482. This line reads a symbolic link into the string buffer "buf". len = readlink(buf2, buf, sizeof(buf)); The commit replaced now buf[len] = 0; with buf[sizeof(buf) - 1] = '\0'; Content analysis details: (-0.2 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain X-BeenThere: openwrt-devel@lists.openwrt.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: OpenWrt Development List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "openwrt-devel" Errors-To: openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org From: Nick Hainke This reverts commit 8eb1d783cca6e0d501dd3a2f94262ffc36ae6482. This line reads a symbolic link into the string buffer "buf". len = readlink(buf2, buf, sizeof(buf)); The commit replaced now buf[len] = 0; with buf[sizeof(buf) - 1] = '\0'; However, that does not work since readlink does not null-terminate the string written into "buf" and "buf[len] = 0" was used for that. What happens if the buffer is to small? "If the buf argument is not large enough to contain the link content, the first bufsize bytes shall be placed in buf." (Source: https://pubs.opengroup.org/onlinepubs/009695399/functions/readlink.htm) Signed-off-by: Nick Hainke --- initd/mkdev.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/initd/mkdev.c b/initd/mkdev.c index 1c9c97a..44101aa 100644 --- a/initd/mkdev.c +++ b/initd/mkdev.c @@ -86,7 +86,7 @@ static void find_devs(bool block) if (len <= 0) continue; - buf[sizeof(buf) - 1] = '\0'; + buf[len] = 0; if (!find_pattern(buf)) continue;