The following commit has been merged into the x86/misc branch of tip: Commit-ID: e20f67026b5ead2afc5627e98b45e6b65e7fb38c Gitweb: https://git.kernel.org/tip/e20f67026b5ead2afc5627e98b45e6b65e7fb38c Author: Borislav Petkov <[email protected]> AuthorDate: Mon, 15 Mar 2021 13:08:35 +01:00 Committer: Borislav Petkov <[email protected]> CommitterDate: Thu, 18 Mar 2021 11:36:01 +01:00
tools/x86/kcpuid: Check last token too Input lines like 0x8000001E, 0, EAX, 31:0, Extended APIC ID where the short name is missing lead to a segfault because the loop takes the long name for the short name and tokens[5] becomes NULL which explodes later in strcpy(). Check its value too before further processing. Signed-off-by: Borislav Petkov <[email protected]> Acked-by: Feng Tang <[email protected]> Link: https://lkml.kernel.org/r/[email protected] --- tools/arch/x86/kcpuid/kcpuid.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tools/arch/x86/kcpuid/kcpuid.c b/tools/arch/x86/kcpuid/kcpuid.c index 6048da3..dae7551 100644 --- a/tools/arch/x86/kcpuid/kcpuid.c +++ b/tools/arch/x86/kcpuid/kcpuid.c @@ -324,6 +324,8 @@ static int parse_line(char *line) str = NULL; } tokens[5] = strtok(str, "\n"); + if (!tokens[5]) + goto err_exit; /* index/main-leaf */ index = strtoull(tokens[0], NULL, 0);
