Date: Wed, 8 Apr 2020 11:28:27 -0700 From: Enji Cooper <yaneurabeya@gmail.com> To: Kyle Evans <kevans@FreeBSD.org> Cc: src-committers <src-committers@freebsd.org>, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: Re: svn commit: r359689 - head/usr.sbin/config Message-ID: <8AAE567D-BEC5-4AF1-B290-D4EA833ED96A@gmail.com> In-Reply-To: <202004071414.037EEx5Q057793@repo.freebsd.org> References: <202004071414.037EEx5Q057793@repo.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> On Apr 7, 2020, at 7:14 AM, Kyle Evans <kevans@FreeBSD.org> wrote: >=20 > Author: kevans > Date: Tue Apr 7 14:14:59 2020 > New Revision: 359689 > URL: https://svnweb.freebsd.org/changeset/base/359689 >=20 > Log: > config(8): "fix" a couple of buffer overflows >=20 > Recently added/changed lines in various kernel configs have caused = some > buffer overflows that went undetected. These were detected with a = config > built using -fno-common as these line buffers smashed one of our = arrays, > then further triaged with ASAN. >=20 > Double the sizes; this is really not a great fix, but addresses the > immediate need until someone rewrites config. While here, add some = bounds > checking so that we don't need to detect this by random bus errors or = other > weird failures. Good catch! This seems like it deserves a follow up PR in = Bugzilla. Cheers, -Enji=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?8AAE567D-BEC5-4AF1-B290-D4EA833ED96A>