Merge tag 'module-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux-2.6-for-linus

Pull module patches from Rusty Russell, who really sells them: "Three trivial patches of no real utility. Modules are boring." But to make things slightly more exciting, he adds: "Fortunately David Howells is looking to change this, with his module signing patchset. But that's for next merge window... Cheers, Rusty." * tag 'module-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux-2.6-for-linus: Guard check in module loader against integer overflow modpost: use proper kernel style for autogenerated files modpost: Stop grab_file() from leaking filedescriptors if fstat() fails
author: Linus Torvalds <torvalds@linux-foundation.org> 2012-05-23 20:34:09 -0400
committer: Linus Torvalds <torvalds@linux-foundation.org> 2012-05-23 20:34:09 -0400
commit: fb827ec68446c83e9e8754fa9b55aed27ecc4661 (patch)
tree: e953aedce01fa1c90a8e7b591e40310c3c1e7447
parent: d5b4bb4d103cd601d8009f2d3a7e44586c9ae7cc (diff)
parent: ef26a5a6eadb7cd0637e1e9e246cd42505b8ec8c (diff)
2 files changed, 12 insertions, 8 deletions
diff --git a/kernel/module.c b/kernel/module.c
index a4e60973ca73..4edbd9c11aca 100644
--- a/kernel/module.c
+++ b/kernel/module.c
@@ -2429,7 +2429,8 @@ static int copy_and_check(struct load_info *info,
                goto free_hdr;
        }
-        if (len < hdr->e_shoff + hdr->e_shnum * sizeof(Elf_Shdr)) {
+        if (hdr->e_shoff >= len ||
+            hdr->e_shnum * sizeof(Elf_Shdr) > len - hdr->e_shoff) {
                err = -ENOEXEC;
                goto free_hdr;
        }
diff --git a/scripts/mod/modpost.c b/scripts/mod/modpost.c
index c4e7d1510f9d..0f84bb38eb0d 100644
--- a/scripts/mod/modpost.c
+++ b/scripts/mod/modpost.c
@@ -337,17 +337,20 @@ static void sym_update_crc(const char *name, struct module *mod,
 void *grab_file(const char *filename, unsigned long *size)
 {
        struct stat st;
-        void *map;
+        void *map = MAP_FAILED;
        int fd;
        fd = open(filename, O_RDONLY);
-        if (fd < 0 || fstat(fd, &st) != 0)
+        if (fd < 0)
                return NULL;
+        if (fstat(fd, &st))
+                goto failed;
        *size = st.st_size;
        map = mmap(NULL, *size, PROT_READ|PROT_WRITE, MAP_PRIVATE, fd, 0);
-        close(fd);
+failed:
+        close(fd);
        if (map == MAP_FAILED)
                return NULL;
        return map;
@@ -1850,14 +1853,14 @@ static void add_header(struct buffer *b, struct module *mod)
        buf_printf(b, "\n");
        buf_printf(b, "struct module __this_module\n");
        buf_printf(b, "__attribute__((section(\".gnu.linkonce.this_module\"))) = {\n");
-        buf_printf(b, " .name = KBUILD_MODNAME,\n");
+        buf_printf(b, "\t.name = KBUILD_MODNAME,\n");
        if (mod->has_init)
-                buf_printf(b, " .init = init_module,\n");
+                buf_printf(b, "\t.init = init_module,\n");
        if (mod->has_cleanup)
                buf_printf(b, "#ifdef CONFIG_MODULE_UNLOAD\n"
-                              " .exit = cleanup_module,\n"
+                              "\t.exit = cleanup_module,\n"
                              "#endif\n");
-        buf_printf(b, " .arch = MODULE_ARCH_INIT,\n");
+        buf_printf(b, "\t.arch = MODULE_ARCH_INIT,\n");
        buf_printf(b, "};\n");
 }
author	Linus Torvalds <torvalds@linux-foundation.org>	2012-05-23 20:34:09 -0400
committer	Linus Torvalds <torvalds@linux-foundation.org>	2012-05-23 20:34:09 -0400
commit	fb827ec68446c83e9e8754fa9b55aed27ecc4661 (patch)
tree	e953aedce01fa1c90a8e7b591e40310c3c1e7447
parent	d5b4bb4d103cd601d8009f2d3a7e44586c9ae7cc (diff)
parent	ef26a5a6eadb7cd0637e1e9e246cd42505b8ec8c (diff)