lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-Id: <1388403343-20132-1-git-send-email-sw@weilnetz.de>
Date:	Mon, 30 Dec 2013 12:35:43 +0100
From:	Stefan Weil <sw@...lnetz.de>
To:	trivial@...nel.org
Cc:	Rob Landley <rob@...dley.net>, linux-doc@...r.kernel.org,
	linux-kernel@...r.kernel.org, Stefan Weil <sw@...lnetz.de>
Subject: [PATCH] Documentation: Fix size parameter for snprintf (reported by cppcheck)

cppcheck reports this error:

Documentation/laptops/hpfall.c:33]: (error)
 Dangerous usage of 'devname' (strncpy doesn't always 0-terminate it)

The terminating '\0' is needed for the global char array unload_heads_path,
so never write the last array entry (which is initially '\0').

Signed-off-by: Stefan Weil <sw@...lnetz.de>
---

This is only code in the documentation, nevertheless even there a correction
might help other users.

Cheers and happy new year

Stefan Weil

 Documentation/laptops/hpfall.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Documentation/laptops/hpfall.c b/Documentation/laptops/hpfall.c
index a4a8fc5..b85dbba 100644
--- a/Documentation/laptops/hpfall.c
+++ b/Documentation/laptops/hpfall.c
@@ -29,7 +29,7 @@ int set_unload_heads_path(char *device)
 		return -EINVAL;
 	strncpy(devname, device + 5, sizeof(devname));
 
-	snprintf(unload_heads_path, sizeof(unload_heads_path),
+	snprintf(unload_heads_path, sizeof(unload_heads_path) - 1,
 				"/sys/block/%s/device/unload_heads", devname);
 	return 0;
 }
-- 
1.7.10.4

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ