| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 14 Jul 2017 09:03:55 -0700 (PDT)
From: David Miller <davem@...emloft.net>
To: arnd@...db.de
Cc: linux-kernel@...r.kernel.org, sgoutham@...ium.com, rric@...nel.org,
gregkh@...uxfoundation.org, torvalds@...ux-foundation.org,
linux@...ck-us.net, akpm@...ux-foundation.org,
netdev@...r.kernel.org, jejb@...ux.vnet.ibm.com,
martin.petersen@...cle.com, linux-scsi@...r.kernel.org,
x86@...nel.org, tsrinivasulu@...ium.com, george.cherian@...ium.com,
Vadim.Lomovtsev@...iumnetworks.com, rchintakuntla@...ium.com,
linux-arm-kernel@...ts.infradead.org
Subject: Re: [PATCH 11/22] net: thunder_bgx: avoid format string overflow
warning
From: Arnd Bergmann <arnd@...db.de>
Date: Fri, 14 Jul 2017 14:07:03 +0200
> gcc warns that the temporary buffer might be too small here:
>
> drivers/net/ethernet/cavium/thunder/thunder_bgx.c: In function 'bgx_probe':
> drivers/net/ethernet/cavium/thunder/thunder_bgx.c:1020:16: error: '%d' directive writing between 1 and 10 bytes into a region of size between 9 and 11 [-Werror=format-overflow=]
> sprintf(str, "BGX%d LMAC%d mode", bgx->bgx_id, lmacid);
> ^~~~~~~~~~~~~~~~~~~
> drivers/net/ethernet/cavium/thunder/thunder_bgx.c:1020:16: note: directive argument in the range [0, 2147483647]
> drivers/net/ethernet/cavium/thunder/thunder_bgx.c:1020:3: note: 'sprintf' output between 16 and 27 bytes into a destination of size 20
>
> This probably can't happen, but it can't hurt to make it long
> enough for the theoretical limit.
>
> Signed-off-by: Arnd Bergmann <arnd@...db.de>
Applied.
Powered by blists - more mailing lists