freebsd-skq/usr.sbin/kldxref
Jessica Clarke a98fa52ec6 kldxref: Avoid buffer overflows in parse_pnp_list
We convert a string like "W32:vendor/device" into "I:vendor;I:device",
where the output is longer than the input, but only allocate space equal
to the length of the input, leading to a buffer overflow.

Instead use open_memstream so we get a safe dynamically-grown buffer.

Found by:	CHERI
Reviewed by:	imp, jhb (mentor)
Approved by:	imp, jhb (mentor)
Obtained from:	CheriBSD
Differential Revision:	https://reviews.freebsd.org/D26637
2020-10-15 18:03:14 +00:00
ef_aarch64.c
ef_amd64.c
ef_i386.c
ef_mips.c Parse MIPS relocations to unbreak kldxref on MIPS. 2019-04-24 23:35:10 +00:00
ef_nop.c
ef_obj.c
ef_powerpc.c Fix kldxref on PowerPC64 2019-02-27 13:24:42 +00:00
ef_riscv.c
ef.c Bump kldxref's MAXSEGS to 16, to stop complaints about the kernel 2020-08-20 18:50:46 +00:00
ef.h
fileformat
kldxref.8
kldxref.c kldxref: Avoid buffer overflows in parse_pnp_list 2020-10-15 18:03:14 +00:00
Makefile pkgbase: Put a lot of binaries and lib in FreeBSD-runtime 2019-09-05 14:13:08 +00:00
Makefile.depend