misc-modules: faulty: Open code memset() to allow a buffer overflow

The memset() function is now fortified, which means that provides both a compile and runtime buffer overflow checks. Since the goal of the faulty module is to cause a buffer overflow this function can't be used anymore and instead have to be open coded. Signed-off-by: Javier Martinez Canillas <javier@dowhile0.org>
author: Javier Martinez Canillas <javier@dowhile0.org> 2018-02-25 23:16:18 +0100
committer: Javier Martinez Canillas <javier@dowhile0.org> 2018-02-25 23:21:14 +0100
commit: 799788bab2730fa21bfa59b234f98d98c2feeea7 (patch)
tree: 9651b2a6f2fcc39f2a0d1605c0f9fa00568bff9e /misc-modules
parent: 11b2dfc91f5ff185262c4bd8d3365b70035ecfe2 (diff)
download: ldd3-799788bab2730fa21bfa59b234f98d98c2feeea7.tar.gz
1 files changed, 3 insertions, 1 deletions
diff --git a/misc-modules/faulty.c b/misc-modules/faulty.c
index 95038b7..c6c44b4 100644
--- a/misc-modules/faulty.c
+++ b/misc-modules/faulty.c
@@ -31,11 +31,13 @@ int faulty_major = 0;
 ssize_t faulty_read(struct file *filp, char __user *buf,
 		    size_t count, loff_t *pos)
 {
+	int i;
 	int ret;
 	char stack_buf[4];
 
 	/* Let's try a buffer overflow  */
-	memset(stack_buf, 0xff, 20);
+	for (i = 0; i < 20; i++)
+		*(stack_buf + i) = 0xff;
 	if (count > 4)
 		count = 4; /* copy 4 bytes to the user */
 	ret = copy_to_user(buf, stack_buf, count);
author	Javier Martinez Canillas <javier@dowhile0.org>	2018-02-25 23:16:18 +0100
committer	Javier Martinez Canillas <javier@dowhile0.org>	2018-02-25 23:21:14 +0100
commit	799788bab2730fa21bfa59b234f98d98c2feeea7 (patch)
tree	9651b2a6f2fcc39f2a0d1605c0f9fa00568bff9e /misc-modules
parent	11b2dfc91f5ff185262c4bd8d3365b70035ecfe2 (diff)
download	ldd3-799788bab2730fa21bfa59b234f98d98c2feeea7.tar.gz