| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 11 Oct 2017 10:28:41 +0200
From: Eric Sesterhenn <eric.sesterhenn@...-dsec.de>
To: linux-kernel@...r.kernel.org
Subject: [PATCH 7/7] Handle snprintf truncation more graceful in thunderx_edac
When snprintf truncates the string, size might underflow
causing a WARN_ON_ONCE in the snprintf in the next iteration.
Signed-off-by: Eric Sesterhenn <eric.sesterhenn@...-dsec.de>
---
drivers/edac/thunderx_edac.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/drivers/edac/thunderx_edac.c b/drivers/edac/thunderx_edac.c
index f35d87519a3e..aedf3412f38c 100644
--- a/drivers/edac/thunderx_edac.c
+++ b/drivers/edac/thunderx_edac.c
@@ -59,6 +59,8 @@ static void decode_register(char *str, size_t size,
descr->type == ERR_CORRECTED ?
"Corrected" : "Uncorrected",
descr->descr);
+ if (ret > size)
+ return;
str += ret;
size -= ret;
}
--
Eric Sesterhenn (Principal Security Consultant)
X41 D-SEC GmbH, Dennewartstr. 25-27, D-52068 Aachen
T: +49 241 9809418-0, Fax: -9
Unternehmenssitz: Aachen, Amtsgericht Aachen: HRB19989
Geschäftsführer: Markus Vervier
Download attachment "signature.asc" of type "application/pgp-signature" (834 bytes)
Powered by blists - more mailing lists