From owner-svn-src-all@freebsd.org Thu Apr 9 14:21:17 2020 Return-Path: Delivered-To: svn-src-all@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 440602BB5A0; Thu, 9 Apr 2020 14:21:17 +0000 (UTC) (envelope-from kevans@freebsd.org) Received: from smtp.freebsd.org (smtp.freebsd.org [IPv6:2610:1c1:1:606c::24b:4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 48yjxT14qtz4dn2; Thu, 9 Apr 2020 14:21:17 +0000 (UTC) (envelope-from kevans@freebsd.org) Received: from mail-qk1-f174.google.com (mail-qk1-f174.google.com [209.85.222.174]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) (Authenticated sender: kevans) by smtp.freebsd.org (Postfix) with ESMTPSA id 144F6174FB; Thu, 9 Apr 2020 14:21:17 +0000 (UTC) (envelope-from kevans@freebsd.org) Received: by mail-qk1-f174.google.com with SMTP id z15so4044301qki.7; Thu, 09 Apr 2020 07:21:17 -0700 (PDT) X-Gm-Message-State: AGi0PuauUiC/Yz3pyZCWCneOhuJsXoTo6ELk8OCq7BwuEoUZEJHytAVe UT0LuUt3PPXR2OiMz6vCQ64r0PEm5cFIVttkoOc= X-Google-Smtp-Source: APiQypIgESXcUSWwla8mYvMEvSgRPLybeeU7j93sdwFVLlBhJHHggwEYuvkOpQE6tc3KJuMKbK5H8DcOTmNc3R3i8Pc= X-Received: by 2002:a37:6d8:: with SMTP id 207mr17562qkg.103.1586442076430; Thu, 09 Apr 2020 07:21:16 -0700 (PDT) MIME-Version: 1.0 References: <202004071414.037EEx5Q057793@repo.freebsd.org> <8AAE567D-BEC5-4AF1-B290-D4EA833ED96A@gmail.com> In-Reply-To: <8AAE567D-BEC5-4AF1-B290-D4EA833ED96A@gmail.com> From: Kyle Evans Date: Thu, 9 Apr 2020 09:21:03 -0500 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: svn commit: r359689 - head/usr.sbin/config To: Enji Cooper Cc: src-committers , svn-src-all , svn-src-head Content-Type: text/plain; charset="UTF-8" X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Apr 2020 14:21:17 -0000 On Wed, Apr 8, 2020 at 1:28 PM Enji Cooper wrote: > > > > On Apr 7, 2020, at 7:14 AM, Kyle Evans wrote: > > > > Author: kevans > > Date: Tue Apr 7 14:14:59 2020 > > New Revision: 359689 > > URL: https://svnweb.freebsd.org/changeset/base/359689 > > > > Log: > > config(8): "fix" a couple of buffer overflows > > > > Recently added/changed lines in various kernel configs have caused some > > buffer overflows that went undetected. These were detected with a config > > built using -fno-common as these line buffers smashed one of our arrays, > > then further triaged with ASAN. > > > > Double the sizes; this is really not a great fix, but addresses the > > immediate need until someone rewrites config. While here, add some bounds > > checking so that we don't need to detect this by random bus errors or other > > weird failures. > > Good catch! This seems like it deserves a follow up PR in Bugzilla. I waffled a bit, then came to my senses and created one[0], as this really does need an actual fix or for someone to be motivated to rewrite config(8). [0] https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=245476