Re: [PATCH v3 3/7] kprobes: validate the symbol name length
From: Naveen N. Rao
Date: Thu Apr 20 2017 - 03:21:13 EST
Excerpts from Michael Ellerman's message of April 20, 2017 11:38:
"Naveen N. Rao" <naveen.n.rao@xxxxxxxxxxxxxxxxxx> writes:
diff --git a/kernel/kprobes.c b/kernel/kprobes.c
index 6a128f3a7ed1..bb86681c8a10 100644
--- a/kernel/kprobes.c
+++ b/kernel/kprobes.c
@@ -1382,6 +1382,28 @@ bool within_kprobe_blacklist(unsigned long addr)
return false;
}
+bool is_valid_kprobe_symbol_name(const char *name)
+{
+ size_t sym_len;
+ char *s;
+
+ s = strchr(name, ':');
+ if (s) {
+ sym_len = strnlen(s+1, KSYM_NAME_LEN);
+ if (sym_len <= 0 || sym_len >= KSYM_NAME_LEN)
+ return false;
+ sym_len = (size_t)(s - name);
+ if (sym_len <= 0 || sym_len >= MODULE_NAME_LEN)
+ return false;
+ } else {
+ sym_len = strnlen(name, MODULE_NAME_LEN);
+ if (sym_len <= 0 || sym_len >= MODULE_NAME_LEN)
+ return false;
+ }
I think this is probably more elaborate than it needs to be.
Why not just check the string is <= (MODULE_NAME_LEN + KSYM_NAME_LEN) ?
Yes, that would be sufficient for now.
It's probably just me being paranoid, but I felt it's good to have
stricter checks for user-provided strings, to guard against future
changes to how we process this.
- Naveen