lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 8 Nov 2017 12:45:33 -0800 From: Darren Hart <dvhart@...radead.org> To: Arnd Bergmann <arnd@...db.de> Cc: Pali Rohár <pali.rohar@...il.com>, Mario Limonciello <mario.limonciello@...l.com>, Andy Shevchenko <andy@...radead.org>, Edward O'Callaghan <quasisec@...gle.com>, Hans de Goede <hdegoede@...hat.com>, platform-driver-x86@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH] dell-smbios: fix string overflow On Wed, Nov 08, 2017 at 01:08:39PM +0100, Arnd Bergmann wrote: > The new sysfs code overwrites two fixed-length character arrays > that are each one byte shorter than they need to be, to hold > the trailing \0: > > drivers/platform/x86/dell-smbios.c: In function 'build_tokens_sysfs': > drivers/platform/x86/dell-smbios.c:494:42: error: 'sprintf' writing a terminating nul past the end of the destination [-Werror=format-overflow=] > sprintf(buffer_location, "%04x_location", > drivers/platform/x86/dell-smbios.c:494:3: note: 'sprintf' output 14 bytes into a destination of size 13 > drivers/platform/x86/dell-smbios.c:506:36: error: 'sprintf' writing a terminating nul past the end of the destination [-Werror=format-overflow=] > sprintf(buffer_value, "%04x_value", > drivers/platform/x86/dell-smbios.c:506:3: note: 'sprintf' output 11 bytes into a destination of size 10 > > This changes it to just use kasprintf(), which always gets it right. > > Fixes: 33b9ca1e53b4 ("platform/x86: dell-smbios: Add a sysfs interface for SMBIOS tokens") > Signed-off-by: Arnd Bergmann <arnd@...db.de> Queued, thanks Arnd. Yes, please keep the error messages. Costs us nothing and can be useful to have. I corrected the prefix as noted, and added the details of the gcc and reverted patch for reproducer context. -- Darren Hart VMware Open Source Technology Center
Powered by blists - more mailing lists