From 434cfb427f739258bd3280ce148cdbe85c800f8a Mon Sep 17 00:00:00 2001 From: Jeremy Rand Date: Sat, 22 Apr 2023 04:36:05 +0000 Subject: [PATCH] mmap-rnd-bits: Check that configs are valid integers --- usr/libexec/security-misc/mmap-rnd-bits | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/usr/libexec/security-misc/mmap-rnd-bits b/usr/libexec/security-misc/mmap-rnd-bits index 0ed4d1a..88817a1 100755 --- a/usr/libexec/security-misc/mmap-rnd-bits +++ b/usr/libexec/security-misc/mmap-rnd-bits @@ -18,12 +18,12 @@ COMPAT_BITS_MAX_DEFAULT=16 if compgen -G "/boot/config-*" > /dev/null && CONFIG=$(ls -1 -t /boot/config-* | head -n 1) then ## Find the relevant config options. - if ! BITS_MAX=$(grep "CONFIG_ARCH_MMAP_RND_BITS_MAX" "${CONFIG}" | cut -d "=" -f 2) + if ! BITS_MAX=$(grep -E '^CONFIG_ARCH_MMAP_RND_BITS_MAX=[0-9]+$' "${CONFIG}" | cut -d "=" -f 2) then echo "Error detecting CONFIG_ARCH_MMAP_RND_BITS_MAX" BITS_MAX="${BITS_MAX_DEFAULT}" fi - if ! COMPAT_BITS_MAX=$(grep "CONFIG_ARCH_MMAP_RND_COMPAT_BITS_MAX" "${CONFIG}" | cut -d "=" -f 2) + if ! COMPAT_BITS_MAX=$(grep -E '^CONFIG_ARCH_MMAP_RND_COMPAT_BITS_MAX=[0-9]+$' "${CONFIG}" | cut -d "=" -f 2) then echo "Error detecting CONFIG_ARCH_MMAP_RND_COMPAT_BITS_MAX" COMPAT_BITS_MAX="${COMPAT_BITS_MAX_DEFAULT}"