[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <PUZP153MB0749E4AA8A8039412DC87080BE4D9@PUZP153MB0749.APCP153.PROD.OUTLOOK.COM>
Date: Mon, 19 Sep 2022 16:47:25 +0000
From: Saurabh Singh Sengar <ssengar@...rosoft.com>
To: Saurabh Sengar <ssengar@...ux.microsoft.com>,
"song@...nel.org" <song@...nel.org>, "shli@...com" <shli@...com>,
"neilb@...e.com" <neilb@...e.com>,
"linux-raid@...r.kernel.org" <linux-raid@...r.kernel.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"Michael Kelley (LINUX)" <mikelley@...rosoft.com>,
"guoqing.jiang@...ux.dev" <guoqing.jiang@...ux.dev>
Subject: RE: [PATCH v2] md : Replace snprintf with scnprintf
Is this queued for 6.0 ?
> -----Original Message-----
> From: Saurabh Sengar <ssengar@...ux.microsoft.com>
> Sent: Wednesday, August 24, 2022 12:21 AM
> To: song@...nel.org; shli@...com; neilb@...e.com; linux-
> raid@...r.kernel.org; linux-kernel@...r.kernel.org; Saurabh Singh Sengar
> <ssengar@...rosoft.com>; Michael Kelley (LINUX)
> <mikelley@...rosoft.com>; guoqing.jiang@...ux.dev
> Subject: [PATCH v2] md : Replace snprintf with scnprintf
>
> Current code produces a warning as shown below when total characters in
> the constituent block device names plus the slashes exceeds 200.
> snprintf() returns the number of characters generated from the given input,
> which could cause the expression “200 – len” to wrap around to a large
> positive number. Fix this by using scnprintf() instead, which returns the
> actual number of characters written into the buffer.
>
> [ 1513.267938] ------------[ cut here ]------------ [ 1513.267943] WARNING:
> CPU: 15 PID: 37247 at <snip>/lib/vsprintf.c:2509 vsnprintf+0x2c8/0x510 [
> 1513.267944] Modules linked in: <snip> [ 1513.267969] CPU: 15 PID: 37247
> Comm: mdadm Not tainted 5.4.0-1085-azure #90~18.04.1-Ubuntu [
> 1513.267969] Hardware name: Microsoft Corporation Virtual Machine/Virtual
> Machine, BIOS Hyper-V UEFI Release v4.1 05/09/2022 [ 1513.267971] RIP:
> 0010:vsnprintf+0x2c8/0x510 <-snip-> [ 1513.267982] Call Trace:
> [ 1513.267986] snprintf+0x45/0x70
> [ 1513.267990] ? disk_name+0x71/0xa0
> [ 1513.267993] dump_zones+0x114/0x240 [raid0] [ 1513.267996] ?
> _cond_resched+0x19/0x40 [ 1513.267998] raid0_run+0x19e/0x270 [raid0] [
> 1513.268000] md_run+0x5e0/0xc50 [ 1513.268003] ?
> security_capable+0x3f/0x60 [ 1513.268005] do_md_run+0x19/0x110 [
> 1513.268006] md_ioctl+0x195e/0x1f90 [ 1513.268007]
> blkdev_ioctl+0x91f/0x9f0 [ 1513.268010] block_ioctl+0x3d/0x50 [
> 1513.268012] do_vfs_ioctl+0xa9/0x640 [ 1513.268014] ? __fput+0x162/0x260
> [ 1513.268016] ksys_ioctl+0x75/0x80 [ 1513.268017]
> __x64_sys_ioctl+0x1a/0x20 [ 1513.268019] do_syscall_64+0x5e/0x200 [
> 1513.268021] entry_SYSCALL_64_after_hwframe+0x44/0xa9
>
> Fixes: 766038846e875 ("md/raid0: replace printk() with pr_*()")
> Reviewed-by: Michael Kelley <mikelley@...rosoft.com>
> Acked-by: Guoqing Jiang <guoqing.jiang@...ux.dev>
> Signed-off-by: Saurabh Sengar <ssengar@...ux.microsoft.com>
> ---
> V2 :
> - Rebase
>
> drivers/md/raid0.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/md/raid0.c b/drivers/md/raid0.c index 78addfe..857c493
> 100644
> --- a/drivers/md/raid0.c
> +++ b/drivers/md/raid0.c
> @@ -47,7 +47,7 @@ static void dump_zones(struct mddev *mddev)
> int len = 0;
>
> for (k = 0; k < conf->strip_zone[j].nb_dev; k++)
> - len += snprintf(line+len, 200-len, "%s%pg", k?"/":"",
> + len += scnprintf(line+len, 200-len, "%s%pg", k?"/":"",
> conf->devlist[j * raid_disks + k]->bdev);
> pr_debug("md: zone%d=[%s]\n", j, line);
>
> --
> 1.8.3.1
Powered by blists - more mailing lists