svn commit: r359689 - head/usr.sbin/config
Enji Cooper
yaneurabeya at gmail.com
Wed Apr 8 18:28:32 UTC 2020
> On Apr 7, 2020, at 7:14 AM, Kyle Evans <kevans at FreeBSD.org> wrote:
>
> Author: kevans
> Date: Tue Apr 7 14:14:59 2020
> New Revision: 359689
> URL: https://svnweb.freebsd.org/changeset/base/359689
>
> Log:
> config(8): "fix" a couple of buffer overflows
>
> Recently added/changed lines in various kernel configs have caused some
> buffer overflows that went undetected. These were detected with a config
> built using -fno-common as these line buffers smashed one of our arrays,
> then further triaged with ASAN.
>
> Double the sizes; this is really not a great fix, but addresses the
> immediate need until someone rewrites config. While here, add some bounds
> checking so that we don't need to detect this by random bus errors or other
> weird failures.
Good catch! This seems like it deserves a follow-up PR in Bugzilla.
Cheers,
-Enji