| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 13 Nov 2007 12:52:49 -0700 From: Matthew Wilcox <matthew@....cx> To: Linas Vepstas <linas@...tin.ibm.com> Cc: Alex Chiang <achiang@...com>, gregkh@...e.de, kristen.c.accardi@...el.com, lenb@...nel.org, rick.jones2@...com, linux-kernel@...r.kernel.org, linux-pci@...ey.karlin.mff.cuni.cz, pcihpd-discuss@...ts.sourceforge.net, linux-acpi@...r.kernel.org Subject: Re: [PATCH 2/5] Construct one fakephp slot per pci slot On Tue, Nov 13, 2007 at 01:48:15PM -0600, Linas Vepstas wrote: > On Mon, Nov 12, 2007 at 05:13:36PM -0700, Alex Chiang wrote: > > + slot->name = kmalloc(8, GFP_KERNEL); > > + sprintf(slot->name, "fake%d", count++); > > Please use snprintf to avoid buffer overruns! Or, since kmalloc can return a 32-byte object at smallest, just allocate 32 bytes and continue using sprintf. fake%d would overflow after 999,999,999,999,999,999,999,999,999 pci devices, by which time we've run the machine out of memory anyway. -- Intel are signing my paycheques ... these opinions are still mine "Bill, look, we understand that you're interested in selling us this operating system, but compare it to ours. We can't possibly take such a retrograde step." - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists