Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20171130001619.GR6217@eros>
Date: Thu, 30 Nov 2017 11:16:19 +1100
From: "Tobin C. Harding" <me@...in.cc>
To: Steven Rostedt <rostedt@...dmis.org>
Cc: Tycho Andersen <tycho@...ho.ws>, Daniel Borkmann <daniel@...earbox.net>,
	Masahiro Yamada <yamada.masahiro@...ionext.com>,
	"David S. Miller" <davem@...emloft.net>,
	Alexei Starovoitov <ast@...nel.org>,
	Network Development <netdev@...r.kernel.org>,
	linux-kernel@...r.kernel.org, kernel-hardening@...ts.openwall.com
Subject: Re: [RFC 1/3] kallsyms: don't leak address when symbol not found

I reordered the To's and CC's, I hope this doesn't break
threading. (clearly I haven't groked email yet :( ) 

On Tue, Nov 28, 2017 at 09:30:17AM +1100, Tobin C. Harding wrote:
> Currently if kallsyms_lookup() fails to find the symbol then the address
> is printed. This potentially leaks sensitive information. Instead of
> printing the address we can return an error, giving the calling code the
> option to print the address or print some sanitized message.
> 
> Return error instead of printing address to argument buffer. Leave
> buffer in a sane state.
> 
> Signed-off-by: Tobin C. Harding <me@...in.cc>
> ---
>  kernel/kallsyms.c | 6 ++++--
>  1 file changed, 4 insertions(+), 2 deletions(-)
> 
> diff --git a/kernel/kallsyms.c b/kernel/kallsyms.c
> index 531ffa984bc2..4bfa4ee3ce93 100644
> --- a/kernel/kallsyms.c
> +++ b/kernel/kallsyms.c
> @@ -394,8 +394,10 @@ static int __sprint_symbol(char *buffer, unsigned long address,
>  
>  	address += symbol_offset;
>  	name = kallsyms_lookup(address, &size, &offset, &modname, buffer);
> -	if (!name)
> -		return sprintf(buffer, "0x%lx", address - symbol_offset);
> +	if (!name) {
> +		buffer[0] = '\0';
> +		return -1;
> +	}
>  
>  	if (name != buffer)
>  		strcpy(buffer, name);
> -- 
> 2.7.4
> 

Do you want a Suggested-by: tag for this patch Steve? I mentioned you in
the cover letter but as far as going into the git history I'm not
entirely sure on the protocol for adding suggested-by. The kernel docs
say not to add it without authorization, so ...

thanks,
Tobin.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.