| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 19 Mar 2018 09:56:36 -0700
From: Stephen Hemminger <stephen@...workplumber.org>
To: netdev@...r.kernel.org
Cc: Stephen Hemminger <stephen@...workplumber.org>
Subject: [PATCH iproute2 3/5] bridge: avoid snprint truncation on time
This fixes new gcc warning about possible string overflow.
mdb.c: In function ‘__print_router_port_stats’:
mdb.c:61:11: warning: ‘%.2i’ directive output may be truncated writing between 2 and 7 bytes into a region of size between 0 and 4 [-Wformat-truncation=]
"%4i.%.2i", (int)tv.tv_sec,
^~~~
Note: already fixed in iproute2-next.
Signed-off-by: Stephen Hemminger <stephen@...workplumber.org>
---
bridge/mdb.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/bridge/mdb.c b/bridge/mdb.c
index 58c20b82b8a6..659cac3ff20a 100644
--- a/bridge/mdb.c
+++ b/bridge/mdb.c
@@ -55,7 +55,7 @@ static void __print_router_port_stats(FILE *f, struct rtattr *pattr)
__jiffies_to_tv(&tv,
rta_getattr_u32(tb[MDBA_ROUTER_PATTR_TIMER]));
if (jw_global) {
- char formatted_time[9];
+ char formatted_time[32];
snprintf(formatted_time, sizeof(formatted_time),
"%4i.%.2i", (int)tv.tv_sec,
@@ -184,7 +184,7 @@ static void print_mdb_entry(FILE *f, int ifindex, struct br_mdb_entry *e,
__jiffies_to_tv(&tv, rta_getattr_u32(tb[MDBA_MDB_EATTR_TIMER]));
if (jw_global) {
- char formatted_time[9];
+ char formatted_time[32];
snprintf(formatted_time, sizeof(formatted_time),
"%4i.%.2i", (int)tv.tv_sec,
--
2.16.2
Powered by blists - more mailing lists