lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Wed, 26 Sep 2018 10:37:12 -0700 (PDT)
From:   David Miller <davem@...emloft.net>
To:     arnd@...db.de
Cc:     andrew@...n.ch, f.fainelli@...il.com, quentin.schulz@...tlin.com,
        alexandre.belloni@...tlin.com, netdev@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH net-next] phy: mscc: fix printf format

From: Arnd Bergmann <arnd@...db.de>
Date: Wed, 26 Sep 2018 15:20:11 +0200

> gcc points out that the length of the temporary buffer may not be sufficient for
> large numbers of leds:
> 
> drivers/net/phy/mscc.c: In function 'vsc85xx_probe':
> drivers/net/phy/mscc.c:460:45: error: '-mode' directive writing 5 bytes into a region of size between 0 and 9 [-Werror=format-overflow=]
>    ret = sprintf(led_dt_prop, "vsc8531,led-%d-mode", i);
>                                              ^~~~~
> drivers/net/phy/mscc.c:460:9: note: 'sprintf' output between 19 and 28 bytes into a destination of size 22
>    ret = sprintf(led_dt_prop, "vsc8531,led-%d-mode", i);
>          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> 
> While we can make a reasonable assumption that the number of LEDs is small,
> the cost of making the buffer a little bigger is insignificant as well.
> 
> Fixes: 11bfdabb7ff5 ("net: phy: mscc: factorize code for LEDs mode")
> Signed-off-by: Arnd Bergmann <arnd@...db.de>

Applied.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ