lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <1276635155.3556.26.camel@gandalf.stny.rr.com>
Date:	Tue, 15 Jun 2010 16:52:35 -0400
From:	Steven Rostedt <rostedt@...dmis.org>
To:	Chase Douglas <chase.douglas@...onical.com>
Cc:	Frederic Weisbecker <fweisbec@...il.com>,
	Ingo Molnar <mingo@...hat.com>, Jiri Olsa <jolsa@...hat.com>,
	Tejun Heo <tj@...nel.org>, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] tracing: use correct string size for snprintf

On Tue, 2010-06-15 at 12:29 -0400, Chase Douglas wrote:
> The nsecs_str string is a local variable defined as:
> 
> char nsecs_str[5];
> 
> It is possible for the snprintf call to use a size value larger than the
> size of the string. This should not cause a buffer overrun as it is
> written now due to the maximum size of the string format. However, this
> change makes it correct. By making the size correct we guard against
> potential future changes that could actually cause a buffer overrun.
> 
> Cc: stable@...nel.org

I see that because nsecs_str is based off of nsecs_rem which is the
remainder of a division of a 1000, that it wont ever be more than 4 in
length. For this, I'll remove the "Cc: stable" part and queue it for 36.
No urgent need for now.

But I still think it should be added, just because it looks to fragile
to have what is in the kernel now.

Thanks!

-- Steve

> Signed-off-by: Chase Douglas <chase.douglas@...onical.com>
> ---
>  kernel/trace/trace_functions_graph.c |    3 ++-
>  1 files changed, 2 insertions(+), 1 deletions(-)
> 
> diff --git a/kernel/trace/trace_functions_graph.c b/kernel/trace/trace_functions_graph.c
> index 79f4bac..73d6bd1 100644
> --- a/kernel/trace/trace_functions_graph.c
> +++ b/kernel/trace/trace_functions_graph.c
> @@ -641,7 +641,8 @@ trace_print_graph_duration(unsigned long long duration, struct trace_seq *s)
>  
>  	/* Print nsecs (we don't want to exceed 7 numbers) */
>  	if (len < 7) {
> -		snprintf(nsecs_str, 8 - len, "%03lu", nsecs_rem);
> +		snprintf(nsecs_str, min(sizeof(nsecs_str), 8 - len), "%03lu",
> +			 nsecs_rem);
>  		ret = trace_seq_printf(s, ".%s", nsecs_str);
>  		if (!ret)
>  			return TRACE_TYPE_PARTIAL_LINE;


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ