1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git synced 2025-01-24 09:13:20 -05:00
linux/usr
Nicolas Schier 4c9d410f32 initramfs: Check timestamp to prevent broken cpio archive
Cpio format reserves 8 bytes for an ASCII representation of a time_t timestamp.
While 2106-02-07 06:28:15 UTC (time_t = 0xffffffff) is still some years in the
future, a poorly chosen date string for KBUILD_BUILD_TIMESTAMP, converted into
seconds since the epoch, might lead to exceeded cpio timestamp limits that
result in a broken cpio archive.  Add timestamp checks to prevent overrun of
the 8-byte cpio header field.

My colleague Thomas Kühnel discovered the behaviour, when we accidentally fed
SOURCE_DATE_EPOCH to KBUILD_BUILD_TIMESTAMP as is: some timestamps (e.g.
1607420928 = 2021-12-08 9:48:48 UTC) will be interpreted by `date` as a valid
date specification of science fictional times (here: year 160742).  Even though
this is bad input for KBUILD_BUILD_TIMESTAMP, it should not break the initramfs
cpio format.

Signed-off-by: Nicolas Schier <nicolas@fjasle.eu>
Cc: Thomas Kühnel <thomas.kuehnel@avm.de>
Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
2021-10-24 13:48:40 +09:00
..
include usr/include: refactor .gitignore 2021-05-02 00:43:34 +09:00
.gitignore .gitignore: prefix local generated files with a slash 2021-05-02 00:43:35 +09:00
default_cpio_list initramfs: add default_cpio_list, and delete -d option support 2020-01-16 00:25:22 +09:00
gen_init_cpio.c initramfs: Check timestamp to prevent broken cpio archive 2021-10-24 13:48:40 +09:00
gen_initramfs.sh kbuild: replace LANG=C with LC_ALL=C 2021-05-02 00:43:35 +09:00
initramfs_data.S initramfs: refactor the initramfs build rules 2020-01-16 00:26:21 +09:00
Kconfig initramfs: Remove redundant dependency of RD_ZSTD on BLK_DEV_INITRD 2021-02-24 15:12:06 +09:00
Makefile usr: Add support for zstd compressed initramfs 2020-07-31 11:49:08 +02:00