malhuda/KernelSU
1
0
Fork 0
mirror of https://github.com/tiann/KernelSU.git synced 2025-02-20 11:43:32 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

Copy one extra byte from userspace filename (#958)

Browse Source 
Otherwise we will rewrite paths for filenames that begins with
`/system/bin/su`.

This fix copies one extra byte from userspace filename so that when we
encounter filenames like `/system/bin/suasf`,
`/system/bin/su\0` gets compared with `/system/bin/sua`, which correctly
prevents the `su -> sh` path rewriting.

Close #957
This commit is contained in:
Levi Zim 2023-09-16 12:23:04 +08:00 committed by GitHub
parent 08745664a6
commit cbb98a1de9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
kernel/sucompat.c
View File

@ -48,7 +48,7 @@ int ksu_handle_faccessat(int *dfd, const char __user **filename_user, int *mode,
return 0;
}
char path[sizeof(su)];
char path[sizeof(su) + 1];
memset(path, 0, sizeof(path));
ksu_strncpy_from_user_nofault(path, *filename_user, sizeof(path));
@ -73,7 +73,7 @@ int ksu_handle_stat(int *dfd, const char __user **filename_user, int *flags)
return 0;
}
char path[sizeof(su)];
char path[sizeof(su) + 1];
memset(path, 0, sizeof(path));
ksu_strncpy_from_user_nofault(path, *filename_user, sizeof(path));