[LTP] [PATCH v2] fsconfig: New case cover CVE-2022-0185

Petr Vorel pvorel@suse.cz
Thu Feb 9 15:40:33 CET 2023


> Hi!
> > > +static void run(void)
> > > +{
> > > +	char *val = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA";
> > > +
> > > +	for (unsigned int i = 0; i < 5000; i++)
> > > +		TEST(fsconfig(fd, FSCONFIG_SET_STRING, "\x00", val, 0));
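
Review bot: The result of each TEST(fsconfig(...)) call in the loop in run() is not inspected in the lines shown, so the test cannot tell a correctly rejected call from an unexpected success. Check TST_RET and TST_ERR after each iteration (the thread expects fixed kernels to return EINVAL), report through tst_res(), and stop at the first unexpected result. Smaller points: val points at a string literal and can be const char *, the magic count 5000 deserves a named constant or a comment saying why that many iterations are needed, and the key "\x00" is just an empty string, so "" with a short comment on why an empty key is passed would read more clearly.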

> Also as far as I understand the discussion fsconfig() returns EINVAL on
> new enough kernels here, right? If that is the case we should also check
> that the call fails properly from the v5.17 and newer.

I'd test all kernels and expect them to return EINVAL.
Because 722d94847de29 was backported to 5.10.x and 5.4.x stable kernels.
It'd be worth checking how it behaves on older stable (e.g. 4.19.x) and either
raise .min_kernel lower than 5.4 if easily modified behavior for older kernels
or ask for 5.4 otherwise. (I mean .min_kver = "5.17" is too aggressive).

Kind regards,
Petr

