| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20160310235642.GA2586@kroah.com>
Date: Thu, 10 Mar 2016 15:56:42 -0800
From: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To: Joe Perches <joe@...ches.com>
Cc: Rasmus Villemoes <linux@...musvillemoes.dk>,
Kees Cook <keescook@...omium.org>,
Andrew Morton <akpm@...ux-foundation.org>,
Duncan Sands <duncan.sands@...e.fr>, linux-usb@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: Re: [RFC 7/7] USB: usbatm: avoid fragile and inefficient snprintf use
On Tue, Mar 08, 2016 at 01:01:09PM -0800, Joe Perches wrote:
> On Tue, 2016-03-08 at 21:40 +0100, Rasmus Villemoes wrote:
> > Passing overlapping source and destination is fragile, and in this
> > case we can even simplify the code and avoid the huge stack buffer by
> > using the %p extension for printing a small hex dump.
> []
> > diff --git a/drivers/usb/atm/usbatm.c b/drivers/usb/atm/usbatm.c
> []
> > @@ -1331,15 +1331,12 @@ MODULE_VERSION(DRIVER_VERSION);
> > static int usbatm_print_packet(struct usbatm_data *instance,
> > const unsigned char *data, int len)
> > {
> > - unsigned char buffer[256];
> > - int i = 0, j = 0;
> > + int i, j;
> >
> > for (i = 0; i < len;) {
> > - buffer[0] = '\0';
> > - sprintf(buffer, "%.3d :", i);
> > - for (j = 0; (j < 16) && (i < len); j++, i++)
> > - sprintf(buffer, "%s %2.2x", buffer, data[i]);
> > - dev_dbg(&instance->usb_intf->dev, "%s", buffer);
> > + j = min(16, len-i);
> > + dev_dbg(&instance->usb_intf->dev, "%.3d : %*ph", i, j, data + i);
> > + i += j;
> > }
> > return i;
> > }
>
> Maybe use print_dump_hex_debug()
Yes, please use that instead.
Powered by blists - more mailing lists