| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20090323164745.GB5988@nowhere> Date: Mon, 23 Mar 2009 17:47:46 +0100 From: Frederic Weisbecker <fweisbec@...il.com> To: mingo@...hat.com, hpa@...or.com, linux-kernel@...r.kernel.org, rostedt@...dmis.org, tglx@...utronix.de, daniel@...aq.de, mingo@...e.hu Cc: linux-tip-commits@...r.kernel.org Subject: Re: [tip:tracing/ftrace] kernel/trace/trace_functions_graph.c: fix nsecs_str buffer size On Mon, Mar 23, 2009 at 04:42:27PM +0000, Daniel Mack wrote: > Commit-ID: 603b9b9081ae0a1af986b9059a0a5055876ddea9 > Gitweb: http://git.kernel.org/tip/603b9b9081ae0a1af986b9059a0a5055876ddea9 > Author: Daniel Mack <daniel@...aq.de> > AuthorDate: Mon, 23 Mar 2009 17:10:37 +0100 > Committer: Ingo Molnar <mingo@...e.hu> > CommitDate: Mon, 23 Mar 2009 17:40:51 +0100 > > kernel/trace/trace_functions_graph.c: fix nsecs_str buffer size > > Impact: fix currently inactive buffer-overflow > > In kernel/trace/trace_functions_graph.c, print_graph_duration(), > len can be as low as 1 or 2, which could make snprintf() write > beyond the buffer bounds. (Found by cppcheck, no real-world bug > occured) > > Signed-off-by: Daniel Mack <daniel@...aq.de> > Cc: Steven Rostedt <rostedt@...dmis.org> > Cc: Frederic Weisbecker <fweisbec@...il.com> > LKML-Reference: <1237824637-28190-1-git-send-email-daniel@...aq.de> > Signed-off-by: Ingo Molnar <mingo@...e.hu> > > > --- > kernel/trace/trace_functions_graph.c | 2 +- > 1 files changed, 1 insertions(+), 1 deletions(-) Ingo, as I explained to Daniel before (I should have Cc you), there is no overflow to protect here, so this patch will not change anything. This is my bad, I should better comment my code. Frederic. > diff --git a/kernel/trace/trace_functions_graph.c b/kernel/trace/trace_functions_graph.c > index e876816..a305472 100644 > --- a/kernel/trace/trace_functions_graph.c > +++ b/kernel/trace/trace_functions_graph.c > @@ -430,7 +430,7 @@ print_graph_duration(unsigned long long duration, struct trace_seq *s) > unsigned long nsecs_rem = do_div(duration, 1000); > /* log10(ULONG_MAX) + '\0' */ > char msecs_str[21]; > - char nsecs_str[5]; > + char nsecs_str[8]; > int ret, len; > int i; > -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists