lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 17 Jul 2017 14:53:01 +0200 From: Hans Verkuil <hverkuil@...all.nl> To: Arnd Bergmann <arnd@...db.de>, linux-kernel@...r.kernel.org, Mauro Carvalho Chehab <mchehab@...nel.org> Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>, Linus Torvalds <torvalds@...ux-foundation.org>, Guenter Roeck <linux@...ck-us.net>, akpm@...ux-foundation.org, netdev@...r.kernel.org, "David S . Miller" <davem@...emloft.net>, "James E . J . Bottomley" <jejb@...ux.vnet.ibm.com>, "Martin K . Petersen" <martin.petersen@...cle.com>, linux-scsi@...r.kernel.org, x86@...nel.org, Sakari Ailus <sakari.ailus@...ux.intel.com>, linux-media@...r.kernel.org Subject: Re: [PATCH 14/22] [media] usbvision-i2c: fix format overflow warning On 14/07/17 14:07, Arnd Bergmann wrote: > gcc-7 notices that we copy a fixed length string into another > string of the same size, with additional characters: > > drivers/media/usb/usbvision/usbvision-i2c.c: In function 'usbvision_i2c_register': > drivers/media/usb/usbvision/usbvision-i2c.c:190:36: error: '%d' directive writing between 1 and 11 bytes into a region of size between 0 and 47 [-Werror=format-overflow=] > sprintf(usbvision->i2c_adap.name, "%s-%d-%s", i2c_adap_template.name, > ^~~~~~~~~~ > drivers/media/usb/usbvision/usbvision-i2c.c:190:2: note: 'sprintf' output between 4 and 76 bytes into a destination of size 48 > > We know this is fine as the template name is always "usbvision", so > we can easily avoid the warning by using this as the format string > directly. Hmm, how about replacing sprintf by snprintf? That feels a lot safer (this is very old code, it's not surprising it is still using sprintf). Regards, Hans > > Signed-off-by: Arnd Bergmann <arnd@...db.de> > --- > drivers/media/usb/usbvision/usbvision-i2c.c | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/drivers/media/usb/usbvision/usbvision-i2c.c b/drivers/media/usb/usbvision/usbvision-i2c.c > index fdf6b6e285da..aae9f69884da 100644 > --- a/drivers/media/usb/usbvision/usbvision-i2c.c > +++ b/drivers/media/usb/usbvision/usbvision-i2c.c > @@ -187,8 +187,8 @@ int usbvision_i2c_register(struct usb_usbvision *usbvision) > > usbvision->i2c_adap = i2c_adap_template; > > - sprintf(usbvision->i2c_adap.name, "%s-%d-%s", i2c_adap_template.name, > - usbvision->dev->bus->busnum, usbvision->dev->devpath); > + sprintf(usbvision->i2c_adap.name, "usbvision-%d-%s", > + usbvision->dev->bus->busnum, usbvision->dev->devpath); > PDEBUG(DBG_I2C, "Adaptername: %s", usbvision->i2c_adap.name); > usbvision->i2c_adap.dev.parent = &usbvision->dev->dev; > >
Powered by blists - more mailing lists