modprobe,rmmod: reject module names with slashes

function                                             old     new   delta
add_probe                                             86     113     +27

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

diff --git a/modutils/modprobe.c b/modutils/modprobe.c
index f08f0850d6543f1f83074cf7f8f55b076e17a78b..f0904285b2e8162b3033923e222eea296c784c1a 100644 (file)
--- a/modutils/modprobe.c
+++ b/modutils/modprobe.c
@@ -238,6 +238,17 @@ static void add_probe(const char *name)
 {
        struct module_entry *m;
 
+       /*
+        * get_or_add_modentry() strips path from name and works
+        * on remaining basename.
+        * This would make "rmmod dir/name" and "modprobe dir/name"
+        * to work like "rmmod name" and "modprobe name",
+        * which is wrong, and can be abused via implicit modprobing:
+        * "ifconfig /usbserial up" tries to modprobe netdev-/usbserial.
+        */
+       if (strchr(name, '/'))
+               bb_error_msg_and_die("malformed module name '%s'", name);
+
        m = get_or_add_modentry(name);
        if (!(option_mask32 & (OPT_REMOVE | OPT_SHOW_DEPS))
         && (m->flags & MODULE_FLAG_LOADED)