lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 7 Dec 2017 10:23:48 -0700 From: Shuah Khan <shuah@...nel.org> To: julien.boibessot@...e.fr, Valentina Manea <valentina.manea.m@...il.com>, linux-usb@...r.kernel.org, linux-kernel@...r.kernel.org, Greg Kroah-Hartman <gregkh@...uxfoundation.org>, Shuah Khan <shuahkh@....samsung.com>, Shuah Khan <shuah@...nel.org> Cc: Julien BOIBESSOT <julien.boibessot@...adeus.com> Subject: Re: [PATCH] tools/usbip: fixes potential (minor) "buffer overflow" (detected on recent gcc with -Werror) On 12/05/2017 08:09 AM, julien.boibessot@...e.fr wrote: > From: Julien BOIBESSOT <julien.boibessot@...adeus.com> > > Fixes following build error: > vhci_driver.c: In function 'refresh_imported_device_list': > vhci_driver.c:118:37: error: 'snprintf' output may be truncated before > the last format character [-Werror=format-truncation=] > snprintf(status, sizeof(status), "status.%d", i); > ^~~~~~~~~~~ > vhci_driver.c:118:4: note: 'snprintf' output between 9 and 18 bytes into > a destination of size 17 > snprintf(status, sizeof(status), "status.%d", i); > ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > cc1: all warnings being treated as errors > > Signed-off-by: Julien BOIBESSOT <julien.boibessot@...adeus.com> > --- > tools/usb/usbip/libsrc/vhci_driver.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/tools/usb/usbip/libsrc/vhci_driver.c b/tools/usb/usbip/libsrc/vhci_driver.c > index 5727dfb..a9ce431 100644 > --- a/tools/usb/usbip/libsrc/vhci_driver.c > +++ b/tools/usb/usbip/libsrc/vhci_driver.c > @@ -106,7 +106,7 @@ static int parse_status(const char *value) > return 0; > } > > -#define MAX_STATUS_NAME 16 > +#define MAX_STATUS_NAME 18 > > static int refresh_imported_device_list(void) > { > I have been thinking about this some and if it indeed a large ncontrollers value that makes the buffer overflow, we might have a bigger problem. That said, this patch looks good to fix the warming. Greg, Could you please pick this patch up. Acked-by: Shuah Khan <shuahkh@....samsung.com> thanks, -- Shuah
Powered by blists - more mailing lists