| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAGXu5jKgGvD8DkVptiDPeQmPECDVJEhLJJjp0ZtnE3dqm6hE1A@mail.gmail.com>
Date: Tue, 6 Jan 2015 11:13:38 -0800
From: Kees Cook <keescook@...omium.org>
To: Mark Salyzyn <salyzyn@...roid.com>
Cc: LKML <linux-kernel@...r.kernel.org>, Joe Perches <joe@...ches.com>,
Anton Vorontsov <anton@...msg.org>,
Colin Cross <ccross@...roid.com>,
Tony Luck <tony.luck@...el.com>
Subject: Re: [PATCH v2 1/3] pstore: use scnprintf
On Tue, Jan 6, 2015 at 9:48 AM, Mark Salyzyn <salyzyn@...roid.com> wrote:
> No guarantees that the names will not exceed the
> name buffer with future adjustments.
>
> Signed-off-by: Mark Salyzyn <salyzyn@...roid.com>
Acked-by: Kees Cook <keescook@...omium.org>
Thanks!
-Kees
> ---
> fs/pstore/inode.c | 23 +++++++++++++----------
> 1 file changed, 13 insertions(+), 10 deletions(-)
>
> diff --git a/fs/pstore/inode.c b/fs/pstore/inode.c
> index 5041660..1948567 100644
> --- a/fs/pstore/inode.c
> +++ b/fs/pstore/inode.c
> @@ -338,32 +338,35 @@ int pstore_mkfile(enum pstore_type_id type, char *psname, u64 id, int count,
>
> switch (type) {
> case PSTORE_TYPE_DMESG:
> - sprintf(name, "dmesg-%s-%lld%s", psname, id,
> - compressed ? ".enc.z" : "");
> + scnprintf(name, sizeof(name), "dmesg-%s-%lld%s",
> + psname, id, compressed ? ".enc.z" : "");
> break;
> case PSTORE_TYPE_CONSOLE:
> - sprintf(name, "console-%s-%lld", psname, id);
> + scnprintf(name, sizeof(name), "console-%s-%lld", psname, id);
> break;
> case PSTORE_TYPE_FTRACE:
> - sprintf(name, "ftrace-%s-%lld", psname, id);
> + scnprintf(name, sizeof(name), "ftrace-%s-%lld", psname, id);
> break;
> case PSTORE_TYPE_MCE:
> - sprintf(name, "mce-%s-%lld", psname, id);
> + scnprintf(name, sizeof(name), "mce-%s-%lld", psname, id);
> break;
> case PSTORE_TYPE_PPC_RTAS:
> - sprintf(name, "rtas-%s-%lld", psname, id);
> + scnprintf(name, sizeof(name), "rtas-%s-%lld", psname, id);
> break;
> case PSTORE_TYPE_PPC_OF:
> - sprintf(name, "powerpc-ofw-%s-%lld", psname, id);
> + scnprintf(name, sizeof(name), "powerpc-ofw-%s-%lld",
> + psname, id);
> break;
> case PSTORE_TYPE_PPC_COMMON:
> - sprintf(name, "powerpc-common-%s-%lld", psname, id);
> + scnprintf(name, sizeof(name), "powerpc-common-%s-%lld",
> + psname, id);
> break;
> case PSTORE_TYPE_UNKNOWN:
> - sprintf(name, "unknown-%s-%lld", psname, id);
> + scnprintf(name, sizeof(name), "unknown-%s-%lld", psname, id);
> break;
> default:
> - sprintf(name, "type%d-%s-%lld", type, psname, id);
> + scnprintf(name, sizeof(name), "type%d-%s-%lld",
> + type, psname, id);
> break;
> }
>
> --
> 2.2.0.rc0.207.ga3a616c
>
--
Kees Cook
Chrome OS Security
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists