[syslinux] [PATCH 0/2] Stack overflows when running commands

Gene Cumm gene.cumm at gmail.com
Thu Jan 21 03:04:13 PST 2016


On Sat, Jan 9, 2016 at 12:49 PM, Celelibi <celelibi at gmail.com> wrote:
> 2016-01-09 17:05 UTC+01:00, Gene Cumm <gene.cumm at gmail.com>:
>> On Tue, Oct 13, 2015 at 12:04 AM, celelibi--- via Syslinux
>> <syslinux at zytor.com> wrote:
>>> From: Sylvain Gault <sylvain.gault at gmail.com>
>>>
>>> Hello there,
>>>
>>> I propose 2 patches that fix two possible stack overflows either when
>>> running a COM32 module or when loading a new config file.
>>>
>>> I didn't find a better way to do this than to use the infamous
>>> setjmp/longjmp functions to restore the stack to a previous state. This
>>> makes the logic a bit more complex, but the behavior is not changed.
>>
>> The other way to do this is set variable(s) about the next target
>> state and then return from the functions.  I'm not sure which is the
>> better way, however.
>
> That would change the semantics of the execute() function which is
> supposed to never return. So all the modules using that function
> directly or indirectly would need to be patched.
>
> Are there some people who wrote their own modules? If so, Ady would
> yell at us as a backward compatibility guardian. ^^
>
> But I agree that would allow the modules to clean up after themselves:
> Freeing memory and closing files. But maybe a generic resource
> tracking is better anyway.
>
>>
>>> Although these bugs are not very visible right now because of some
>>> useless section in the binaries taking some space, allowing the stack to
>>> overflow without consequences, they might need to be fixed very soon.
>>>
>>> A limitation still remains when running a lot of commands (or loading
>>> some config file lots of times): some files might not be closed and some
>>> memory may not be freed.
>>>
>>> Sylvain Gault (2):
>>>   ldlinux: fix stack overflow when running COM32 modules
>>>   core: Fix stack overflow when reloading config
>>>
>>>  com32/elflink/ldlinux/execute.c |  4 ++-
>>>  com32/elflink/ldlinux/ldlinux.c | 28 ++++++++++++++------
>>>  core/elflink/load_env32.c       | 58 ++++++++++++++++++++++++++++++++++++++++-
>>>  3 files changed, 80 insertions(+), 10 deletions(-)

Merged.

-- 
-Gene
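The nested-loop problem and the setjmp/longjmp fix discussed in this thread, as an added C model that is not Syslinux code: `command_loop`, `execute`, `stack_used` and the probe-based depth measurement in `note_depth` are all constructed here to show why every command otherwise costs a permanent stack frame.

```c
#include <setjmp.h>
#include <stddef.h>
#include <stdint.h>

/* Constructed model (not Syslinux code) of the bug discussed above: the
 * command loop runs each command through execute(), which never returns
 * but re-enters the loop, so every command leaves another frame on the
 * stack. The fix keeps execute() non-returning and instead longjmp()s
 * back to a setjmp() taken in the top-level loop, discarding the frames.
 * The real loop never ends; this model stops after n_commands so it can
 * report how much stack the run consumed. */

static jmp_buf top_level;           /* stack state of the fixed loop */
static int script_len, next_cmd, use_longjmp;
static uintptr_t lowest, highest;   /* extreme stack addresses seen */

static void command_loop(void);

/* Record the current stack depth via the address of a local. */
static void note_depth(void) {
    volatile char probe = 0;
    uintptr_t here = (uintptr_t)&probe;
    if (here < lowest) lowest = here;
    if (here > highest) highest = here;
}

static void execute(int cmd) {
    (void)cmd;                  /* a real execute() would load and run cmd */
    note_depth();
    if (use_longjmp)
        longjmp(top_level, 1);  /* fixed: unwind to the top-level loop */
    command_loop();             /* bug: nest a new loop on this frame */
}

static void command_loop(void) {
    if (use_longjmp)
        setjmp(top_level);      /* every longjmp() above lands here */
    while (next_cmd < script_len)
        execute(next_cmd++);
}

/* Run n_commands through the loop and return the stack span (bytes)
 * between the shallowest and deepest probe: it grows with n_commands for
 * the buggy loop and stays constant for the fixed one. */
size_t stack_used(int n_commands, int fixed) {
    script_len = n_commands; next_cmd = 0; use_longjmp = fixed;
    lowest = UINTPTR_MAX; highest = 0;
    note_depth();               /* baseline at the top level */
    command_loop();
    return (size_t)(highest - lowest);
}
```

With the buggy loop the span reported by `stack_used` grows with the number of commands; with the longjmp version it is the same for 4 commands as for 40, which is the property the patches restore.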