lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 29 May 2018 01:10:30 +0000 From: Andy Duan <fugang.duan@....com> To: Arnd Bergmann <arnd@...db.de>, "David S. Miller" <davem@...emloft.net> CC: Fabio Estevam <fabio.estevam@....com>, Andrew Lunn <andrew@...n.ch>, Troy Kisky <troy.kisky@...ndarydevices.com>, Florian Fainelli <f.fainelli@...il.com>, "netdev@...r.kernel.org" <netdev@...r.kernel.org>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org> Subject: RE: [PATCH, net-next] net: ethernet: freescale: fix false-positive string overflow warning From: Arnd Bergmann <arnd@...db.de> Sent: 2018年5月28日 23:50 > While compile-testing on arm64 with gcc-8.1, I ran into a build diagnostic: > > drivers/net/ethernet/freescale/fec_main.c: In function 'fec_probe': > drivers/net/ethernet/freescale/fec_main.c:3517:25: error: '%d' directive > writing between 1 and 10 bytes into a region of size 5 > [-Werror=format-overflow=] > sprintf(irq_name, "int%d", i); > ^~ > drivers/net/ethernet/freescale/fec_main.c:3517:21: note: directive > argument in the range [0, 2147483646] > sprintf(irq_name, "int%d", i); > ^~~~~~~ > drivers/net/ethernet/freescale/fec_main.c:3517:3: note: 'sprintf' output > between 5 and 14 bytes into a destination of size 8 > sprintf(irq_name, "int%d", i); > ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > > It appears this has never shown on ppc32 or arm32 for an unknown > reason, but now gcc fails to identify that the 'irq_cnt' loop index has an > upper bound of 3, and instead uses a bogus range. > > To work around the warning, this changes the sprintf to snprintf with the > correct buffer length. > > Fixes: 78cc6e7ef957 ("net: ethernet: freescale: Allow FEC with > COMPILE_TEST") > Signed-off-by: Arnd Bergmann <arnd@...db.de> Acked-by: Fugang Duan <fugang.duan@....com> > --- > drivers/net/ethernet/freescale/fec_main.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/drivers/net/ethernet/freescale/fec_main.c > b/drivers/net/ethernet/freescale/fec_main.c > index ab7521c04eb2..c729665107f5 100644 > --- a/drivers/net/ethernet/freescale/fec_main.c > +++ b/drivers/net/ethernet/freescale/fec_main.c > @@ -3514,7 +3514,7 @@ fec_probe(struct platform_device *pdev) > goto failed_init; > > for (i = 0; i < irq_cnt; i++) { > - sprintf(irq_name, "int%d", i); > + snprintf(irq_name, sizeof(irq_name), "int%d", i); > irq = platform_get_irq_byname(pdev, irq_name); > if (irq < 0) > irq = platform_get_irq(pdev, i); > -- > 2.9.0
Powered by blists - more mailing lists