| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20200409130434.6736-2-ardb@kernel.org>
Date: Thu, 9 Apr 2020 15:04:26 +0200
From: Ard Biesheuvel <ardb@...nel.org>
To: linux-efi@...r.kernel.org, Ingo Molnar <mingo@...nel.org>,
Thomas Gleixner <tglx@...utronix.de>
Cc: Ard Biesheuvel <ardb@...nel.org>, linux-kernel@...r.kernel.org,
Arnd Bergmann <arnd@...db.de>,
Arvind Sankar <nivedita@...m.mit.edu>,
Borislav Petkov <bp@...e.de>,
Colin Ian King <colin.king@...onical.com>,
Gary Lin <glin@...e.com>, Jiri Slaby <jslaby@...e.cz>,
Sergey Shatunov <me@...k.pw>, Takashi Iwai <tiwai@...e.de>
Subject: [PATCH 1/9] efi/cper: Use scnprintf() for avoiding potential buffer overflow
From: Takashi Iwai <tiwai@...e.de>
Since snprintf() returns the would-be-output size instead of the
actual output size, the succeeding calls may go beyond the given
buffer limit. Fix it by replacing with scnprintf().
Signed-off-by: Takashi Iwai <tiwai@...e.de>
Link: https://lore.kernel.org/r/20200311072145.5001-1-tiwai@suse.de
Signed-off-by: Ard Biesheuvel <ardb@...nel.org>
---
drivers/firmware/efi/cper.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/firmware/efi/cper.c b/drivers/firmware/efi/cper.c
index b1af0de2e100..9d2512913d25 100644
--- a/drivers/firmware/efi/cper.c
+++ b/drivers/firmware/efi/cper.c
@@ -101,7 +101,7 @@ void cper_print_bits(const char *pfx, unsigned int bits,
if (!len)
len = snprintf(buf, sizeof(buf), "%s%s", pfx, str);
else
- len += snprintf(buf+len, sizeof(buf)-len, ", %s", str);
+ len += scnprintf(buf+len, sizeof(buf)-len, ", %s", str);
}
if (len)
printk("%s\n", buf);
--
2.17.1
Powered by blists - more mailing lists