init/main.c: Fix potential static_command_line memory overflow
JIRA: https://issues.redhat.com/browse/RHEL-35088
CVE: CVE-2024-26988
Build Info: https://brewweb.engineering.redhat.com/brew/taskinfo?taskID=60973397
Tested: Did sanity boot testing on Intel (intel-eaglestream-emr-01) system.
commit 46dad3c1e57897ab9228332f03e1c14798d2d3b9
Author: Yuntao Wang ytcoode@gmail.com
Date: Fri Apr 12 16:17:32 2024 +0800
init/main.c: Fix potential static_command_line memory overflow
We allocate memory of size 'xlen + strlen(boot_command_line) + 1' for
static_command_line, but the strings copied into static_command_line are
extra_command_line and command_line, rather than extra_command_line and
boot_command_line.
When strlen(command_line) > strlen(boot_command_line), static_command_line
will overflow.
This patch just recovers strlen(command_line) which was miss-consolidated
with strlen(boot_command_line) in the commit f5c7310ac73e ("init/main: add
checks for the return value of memblock_alloc*()")
Link: https://lore.kernel.org/all/20240412081733.35925-2-ytcoode@gmail.com/
Fixes: f5c7310ac73e ("init/main: add checks for the return value of memblock_alloc*()")
Cc: stable@vger.kernel.org
Signed-off-by: Yuntao Wang <ytcoode@gmail.com>
Signed-off-by: Masami Hiramatsu (Google) <mhiramat@kernel.org>
Signed-off-by: Steve Best sbest@redhat.com