| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 15 Oct 2021 08:57:56 +0200
From: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To: Qing Wang <wangqing@...o.com>
Cc: Jiri Slaby <jirislaby@...nel.org>, Joel Stanley <joel@....id.au>,
Andrew Jeffery <andrew@...id.au>, linux-serial@...r.kernel.org,
linux-arm-kernel@...ts.infradead.org,
linux-aspeed@...ts.ozlabs.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] tty: 8250: replace snprintf in show functions with
sysfs_emit
On Thu, Oct 14, 2021 at 11:51:22PM -0700, Qing Wang wrote:
> show() must not use snprintf() when formatting the value to be
> returned to user space.
Why must it not? What is broken in the existing code?
>
> Fix the coccicheck warnings:
> WARNING: use scnprintf or sprintf.
>
> Signed-off-by: Qing Wang <wangqing@...o.com>
> ---
> drivers/tty/serial/8250/8250_aspeed_vuart.c | 6 +++---
> drivers/tty/serial/8250/8250_port.c | 2 +-
> 2 files changed, 4 insertions(+), 4 deletions(-)
>
> diff --git a/drivers/tty/serial/8250/8250_aspeed_vuart.c b/drivers/tty/serial/8250/8250_aspeed_vuart.c
> index 2350fb3..082b9bd 100644
> --- a/drivers/tty/serial/8250/8250_aspeed_vuart.c
> +++ b/drivers/tty/serial/8250/8250_aspeed_vuart.c
> @@ -82,7 +82,7 @@ static ssize_t lpc_address_show(struct device *dev,
> addr = (aspeed_vuart_readb(vuart, ASPEED_VUART_ADDRH) << 8) |
> (aspeed_vuart_readb(vuart, ASPEED_VUART_ADDRL));
>
> - return snprintf(buf, PAGE_SIZE - 1, "0x%x\n", addr);
> + return sysfs_emit(buf - 1, "0x%x\n", addr);
what is the buf-1 thing here for?
Doing a tree-wide change for this type of thing might not be wanted by
many maintainers, especially if you introduce bugs like this :(
greg k-h
Powered by blists - more mailing lists