diff options
| -rw-r--r-- | kernel/module.c | 3 | ||||
| -rw-r--r-- | scripts/mod/modpost.c | 17 |
2 files changed, 12 insertions, 8 deletions
diff --git a/kernel/module.c b/kernel/module.c index a4e60973ca73..4edbd9c11aca 100644 --- a/kernel/module.c +++ b/kernel/module.c | |||
| @@ -2429,7 +2429,8 @@ static int copy_and_check(struct load_info *info, | |||
| 2429 | goto free_hdr; | 2429 | goto free_hdr; |
| 2430 | } | 2430 | } |
| 2431 | 2431 | ||
| 2432 | if (len < hdr->e_shoff + hdr->e_shnum * sizeof(Elf_Shdr)) { | 2432 | if (hdr->e_shoff >= len || |
| 2433 | hdr->e_shnum * sizeof(Elf_Shdr) > len - hdr->e_shoff) { | ||
| 2433 | err = -ENOEXEC; | 2434 | err = -ENOEXEC; |
| 2434 | goto free_hdr; | 2435 | goto free_hdr; |
| 2435 | } | 2436 | } |
diff --git a/scripts/mod/modpost.c b/scripts/mod/modpost.c index c4e7d1510f9d..0f84bb38eb0d 100644 --- a/scripts/mod/modpost.c +++ b/scripts/mod/modpost.c | |||
| @@ -337,17 +337,20 @@ static void sym_update_crc(const char *name, struct module *mod, | |||
| 337 | void *grab_file(const char *filename, unsigned long *size) | 337 | void *grab_file(const char *filename, unsigned long *size) |
| 338 | { | 338 | { |
| 339 | struct stat st; | 339 | struct stat st; |
| 340 | void *map; | 340 | void *map = MAP_FAILED; |
| 341 | int fd; | 341 | int fd; |
| 342 | 342 | ||
| 343 | fd = open(filename, O_RDONLY); | 343 | fd = open(filename, O_RDONLY); |
| 344 | if (fd < 0 || fstat(fd, &st) != 0) | 344 | if (fd < 0) |
| 345 | return NULL; | 345 | return NULL; |
| 346 | if (fstat(fd, &st)) | ||
| 347 | goto failed; | ||
| 346 | 348 | ||
| 347 | *size = st.st_size; | 349 | *size = st.st_size; |
| 348 | map = mmap(NULL, *size, PROT_READ|PROT_WRITE, MAP_PRIVATE, fd, 0); | 350 | map = mmap(NULL, *size, PROT_READ|PROT_WRITE, MAP_PRIVATE, fd, 0); |
| 349 | close(fd); | ||
| 350 | 351 | ||
| 352 | failed: | ||
| 353 | close(fd); | ||
| 351 | if (map == MAP_FAILED) | 354 | if (map == MAP_FAILED) |
| 352 | return NULL; | 355 | return NULL; |
| 353 | return map; | 356 | return map; |
| @@ -1850,14 +1853,14 @@ static void add_header(struct buffer *b, struct module *mod) | |||
| 1850 | buf_printf(b, "\n"); | 1853 | buf_printf(b, "\n"); |
| 1851 | buf_printf(b, "struct module __this_module\n"); | 1854 | buf_printf(b, "struct module __this_module\n"); |
| 1852 | buf_printf(b, "__attribute__((section(\".gnu.linkonce.this_module\"))) = {\n"); | 1855 | buf_printf(b, "__attribute__((section(\".gnu.linkonce.this_module\"))) = {\n"); |
| 1853 | buf_printf(b, " .name = KBUILD_MODNAME,\n"); | 1856 | buf_printf(b, "\t.name = KBUILD_MODNAME,\n"); |
| 1854 | if (mod->has_init) | 1857 | if (mod->has_init) |
| 1855 | buf_printf(b, " .init = init_module,\n"); | 1858 | buf_printf(b, "\t.init = init_module,\n"); |
| 1856 | if (mod->has_cleanup) | 1859 | if (mod->has_cleanup) |
| 1857 | buf_printf(b, "#ifdef CONFIG_MODULE_UNLOAD\n" | 1860 | buf_printf(b, "#ifdef CONFIG_MODULE_UNLOAD\n" |
| 1858 | " .exit = cleanup_module,\n" | 1861 | "\t.exit = cleanup_module,\n" |
| 1859 | "#endif\n"); | 1862 | "#endif\n"); |
| 1860 | buf_printf(b, " .arch = MODULE_ARCH_INIT,\n"); | 1863 | buf_printf(b, "\t.arch = MODULE_ARCH_INIT,\n"); |
| 1861 | buf_printf(b, "};\n"); | 1864 | buf_printf(b, "};\n"); |
| 1862 | } | 1865 | } |
| 1863 | 1866 | ||