mirror of
https://github.com/freebsd/freebsd-src
synced 2024-07-03 08:49:22 +00:00
3da568710f
Assume you have loader configured to load linux64, which has a dependency on both linux_common and mqueuefs but neither the kernel nor kernel config in question have the mqueuefs module included. When the load command for linux64 fails to find mqueuefs, it will free both linux64 and linux_common as they were loaded first, but only linux64 gets removed from the module list. As a result, future traversals hit an easy use-after-free with linux_common. Fix it so that we unlink the entire tail of the list. Anything after the initially loaded module is, by definition, a dependency on the loaded module while we're still in the load command, so we can just discard the entire tail. If linux_common were loaded before linux64, it should not move to a position during this load where it would suddenly be missing from the view presented to the kernel. Reported by: philip Reviewed by: imp, philip, tsoome MFC after: 3 days Differential Revision: https://reviews.freebsd.org/D45731 |
||
|---|---|---|
| .. | ||
| arm64 | ||
| common | ||
| defaults | ||
| efi | ||
| fdt | ||
| ficl | ||
| ficl32 | ||
| fonts | ||
| forth | ||
| i386 | ||
| images | ||
| kboot | ||
| kshim | ||
| liblua | ||
| liblua32 | ||
| libofw | ||
| libsa | ||
| libsa32 | ||
| lua | ||
| man | ||
| powerpc | ||
| uboot | ||
| usb | ||
| userboot | ||
| defs.mk | ||
| fdt.mk | ||
| ficl.mk | ||
| loader.mk | ||
| lua.mk | ||
| Makefile | ||
| Makefile.amd64 | ||
| Makefile.inc | ||
| veriexec.mk | ||