| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 17 Jul 2017 16:29:58 +0200
From: Arnd Bergmann <arnd@...db.de>
To: Hans Verkuil <hverkuil@...all.nl>,
Mauro Carvalho Chehab <mchehab@...nel.org>
Cc: Arnd Bergmann <arnd@...db.de>,
Sakari Ailus <sakari.ailus@...ux.intel.com>,
linux-media@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: [PATCH] [v2] [media] usbvision-i2c: fix format overflow warning
gcc-7 notices that we copy a fixed length string into another
string of the same size, with additional characters:
drivers/media/usb/usbvision/usbvision-i2c.c: In function 'usbvision_i2c_register':
drivers/media/usb/usbvision/usbvision-i2c.c:190:36: error: '%d' directive writing between 1 and 11 bytes into a region of size between 0 and 47 [-Werror=format-overflow=]
sprintf(usbvision->i2c_adap.name, "%s-%d-%s", i2c_adap_template.name,
^~~~~~~~~~
drivers/media/usb/usbvision/usbvision-i2c.c:190:2: note: 'sprintf' output between 4 and 76 bytes into a destination of size 48
Using snprintf() makes the code more robust in general, but will still
trigger a possible warning about truncation in the string.
We know this won't happen as the template name is always "usbvision", so
we can easily avoid the warning as well by using this as the format string
directly.
Signed-off-by: Arnd Bergmann <arnd@...db.de>
---
v2: use snprintf()
---
drivers/media/usb/usbvision/usbvision-i2c.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/drivers/media/usb/usbvision/usbvision-i2c.c b/drivers/media/usb/usbvision/usbvision-i2c.c
index fdf6b6e285da..38749331e7df 100644
--- a/drivers/media/usb/usbvision/usbvision-i2c.c
+++ b/drivers/media/usb/usbvision/usbvision-i2c.c
@@ -187,8 +187,9 @@ int usbvision_i2c_register(struct usb_usbvision *usbvision)
usbvision->i2c_adap = i2c_adap_template;
- sprintf(usbvision->i2c_adap.name, "%s-%d-%s", i2c_adap_template.name,
- usbvision->dev->bus->busnum, usbvision->dev->devpath);
+ snprintf(usbvision->i2c_adap.name, sizeof(usbvision->i2c_adap.name),
+ "usbvision-%d-%s",
+ usbvision->dev->bus->busnum, usbvision->dev->devpath);
PDEBUG(DBG_I2C, "Adaptername: %s", usbvision->i2c_adap.name);
usbvision->i2c_adap.dev.parent = &usbvision->dev->dev;
--
2.9.0
Powered by blists - more mailing lists