[Bug 229661] New: modprobe loads a file 't' from current directory.
https://bugzilla.novell.com/show_bug.cgi?id=229661 Summary: modprobe loads a file 't' from current directory. Product: openSUSE 10.2 Version: Final Platform: Other OS/Version: Other Status: NEW Severity: Normal Priority: P5 - None Component: Basesystem AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: jw@novell.com QAContact: qa@suse.de CC: meissner@novell.com $ echo -e "alias * hijack\ninstall hijack echo hello world" > t $ modprobe vfat hello world $ seen on i386 with module-init-tools-3.2.2-61 module-init-tools-3.2.2-62 but not on x86_64 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=229661 chrubis@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|bnc-team- |mmarek@novell.com |screening@forge.provo.novell| |.com | Severity|Normal |Major -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=229661 ------- Comment #2 from jw@novell.com 2006-12-19 11:42 MST ------- modprobe.c fastgetline() works on a global malloced buffer lnbuf. fastgetline() is called inside read_config_file(). Recursion in read_config() cause read_config_file() to reuse and free the same buffer, which is thus invalid after exiting one level of recursion. This only happens, as a pathname that is a valid directory is later also tested as a filename. Despite a strange comment, in the code, I'd say, it is safe to skip this second test. A patch to that effect is appended, it cures the problem. Michal, please review and apply where appropriate. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=229661 ------- Comment #3 from jw@novell.com 2006-12-19 11:44 MST ------- Created an attachment (id=110393) --> (https://bugzilla.novell.com/attachment.cgi?id=110393&action=view) patch to modprobe.c Fix. This assumes that direcories are not also files. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=229661 ------- Comment #4 from meissner@novell.com 2006-12-19 14:10 MST ------- its not setuid and root usually does not call it by itself. not a security problem in my eyes, just fix for STABLE. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=229661 mmarek@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED Priority|P5 - None |P3 - Medium -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=229661 ------- Comment #5 from mmarek@novell.com 2006-12-20 04:51 MST ------- I'd say fastgetline() is guilty in this case, it should be reentrant. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=229661 ------- Comment #6 from mmarek@novell.com 2006-12-20 04:52 MST ------- Created an attachment (id=110493) --> (https://bugzilla.novell.com/attachment.cgi?id=110493&action=view) patch for reentrant fastgetline -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=229661 mmarek@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #110493|text/x-patch |text/plain mime type| | Attachment #110493|0 |1 is patch| | -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=229661 ------- Comment #7 from jw@novell.com 2006-12-20 05:18 MST ------- This reentrant patch forces getline() to make a new malloc() for each line it sees. May be slower, but that is probably insignificant compared to the rest. Please do a few comparisons with 'time modprobe ...' to make sure it really is insignificant. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=229661 ------- Comment #8 from mmarek@novell.com 2006-12-20 07:17 MST ------- On an x86_64, I did for i in `seq 999999`; do echo "alias foo$i bar$i"; done
/etc/modprobe.conf.local
(that's _25 MB_ of config file) and the difference is approx. real 0.58 with the reentrant patch vs. real 0.48 without the patch when running 'time -p modprobe vfat'. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=229661 mmarek@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |RESOLVED Resolution| |FIXED ------- Comment #9 from mmarek@novell.com 2006-12-20 07:55 MST ------- fixed for STABLE and SLES10-SP1. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=229661 ------- Comment #10 from jw@novell.com 2006-12-20 09:10 MST ------- perfect, thanks. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=229661 chrubis@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |webclark@rochester.rr.com ------- Comment #11 from chrubis@novell.com 2007-01-29 08:04 MST ------- *** Bug 239641 has been marked as a duplicate of this bug. *** -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=229661 ------- Comment #12 from ast@novell.com 2007-03-22 05:57 MST ------- released -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
participants (1)
-
bugzilla_noreply@novell.com