| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <1237824637-28190-1-git-send-email-daniel@caiaq.de> Date: Mon, 23 Mar 2009 17:10:37 +0100 From: Daniel Mack <daniel@...aq.de> To: linux-kernel@...r.kernel.org Cc: Daniel Mack <daniel@...aq.de> Subject: [PATCH] kernel/trace/trace_functions_graph.c: fix nsecs_str buffer size In kernel/trace/trace_functions_graph.c, print_graph_duration(), len can be as low as 1 or 2, which could make snprintf() write beyond the buffer bounds. (Found by cppcheck, no real-world bug occured) Signed-off-by: Daniel Mack <daniel@...aq.de> --- kernel/trace/trace_functions_graph.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/kernel/trace/trace_functions_graph.c b/kernel/trace/trace_functions_graph.c index 930c08e..7533b25 100644 --- a/kernel/trace/trace_functions_graph.c +++ b/kernel/trace/trace_functions_graph.c @@ -281,7 +281,7 @@ print_graph_duration(unsigned long long duration, struct trace_seq *s) unsigned long nsecs_rem = do_div(duration, 1000); /* log10(ULONG_MAX) + '\0' */ char msecs_str[21]; - char nsecs_str[5]; + char nsecs_str[8]; int ret, len; int i; -- 1.6.2 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists