[LTP] [PATCH] Add test for CVE 2022-4378

Richard Palethorpe rpalethorpe@suse.de
Mon Dec 19 10:30:00 CET 2022


Hello,

Martin Doucha <mdoucha@suse.cz> writes:

> Signed-off-by: Martin Doucha <mdoucha@suse.cz>
> ---
>  runtest/cve                   |   1 +
>  testcases/cve/.gitignore      |   1 +
>  testcases/cve/cve-2022-4378.c | 108 ++++++++++++++++++++++++++++++++++
>  3 files changed, 110 insertions(+)
>  create mode 100644 testcases/cve/cve-2022-4378.c
>
> diff --git a/runtest/cve b/runtest/cve
> index fd0305aa3..1ba63c2a7 100644
> --- a/runtest/cve
> +++ b/runtest/cve
> @@ -76,3 +76,4 @@ cve-2022-0847 dirtypipe
>  cve-2022-2590 dirtyc0w_shmem
>  # Tests below may cause kernel memory leak
>  cve-2020-25704 perf_event_open03
> +cve-2022-4378 cve-2022-4378
> diff --git a/testcases/cve/.gitignore b/testcases/cve/.gitignore
> index eb0a8b37d..90e8b191c 100644
> --- a/testcases/cve/.gitignore
> +++ b/testcases/cve/.gitignore
> @@ -10,4 +10,5 @@ stack_clash
>  cve-2017-17052
>  cve-2017-16939
>  cve-2017-17053
> +cve-2022-4378
>  icmp_rate_limit01
> diff --git a/testcases/cve/cve-2022-4378.c b/testcases/cve/cve-2022-4378.c
> new file mode 100644
> index 000000000..e1c5df325
> --- /dev/null
> +++ b/testcases/cve/cve-2022-4378.c
> @@ -0,0 +1,108 @@
> +// SPDX-License-Identifier: GPL-2.0-or-later
> +/*
> + * Copyright (C) 2022 SUSE LLC <mdoucha@suse.cz>
> + */
> +
> +/*\
> + * CVE 2022-4378
> + *
> + * Check that writing several pages worth of whitespace into /proc/sys files
> + * does not cause kernel stack overflow. Kernel bug fixed in:
> + *
> + * commit bce9332220bd677d83b19d21502776ad555a0e73
> + * Author: Linus Torvalds <torvalds@linux-foundation.org>
> + * Date:   Mon Dec 5 12:09:06 2022 -0800
> + *
> + * proc: proc_skip_spaces() shouldn't think it is working on C strings
> + */

Haha, OK, merged with minor fix to null terminate tags array (detected
by make check).

-- 
Thank you,
Richard.


More information about the ltp mailing list