lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <Y4JJ8Dyz7urLz/IM@lunn.ch> Date: Sat, 26 Nov 2022 18:16:32 +0100 From: Andrew Lunn <andrew@...n.ch> To: Vincent Mailhol <mailhol.vincent@...adoo.fr> Cc: linux-can@...r.kernel.org, Marc Kleine-Budde <mkl@...gutronix.de>, linux-kernel@...r.kernel.org, Greg Kroah-Hartman <gregkh@...uxfoundation.org>, netdev@...r.kernel.org, linux-usb@...r.kernel.org, Saeed Mahameed <saeed@...nel.org>, Jiri Pirko <jiri@...dia.com>, Lukas Magel <lukas.magel@...teo.net> Subject: Re: [PATCH v4 3/6] can: etas_es58x: export product information through devlink_ops::info_get() > +struct es58x_sw_version { > + u8 major; > + u8 minor; > + u8 revision; > +}; > +static int es58x_devlink_info_get(struct devlink *devlink, > + struct devlink_info_req *req, > + struct netlink_ext_ack *extack) > +{ > + struct es58x_device *es58x_dev = devlink_priv(devlink); > + struct es58x_sw_version *fw_ver = &es58x_dev->firmware_version; > + struct es58x_sw_version *bl_ver = &es58x_dev->bootloader_version; > + struct es58x_hw_revision *hw_rev = &es58x_dev->hardware_revision; > + char buf[max(sizeof("xx.xx.xx"), sizeof("axxx/xxx"))]; > + int ret = 0; > + > + if (es58x_sw_version_is_set(fw_ver)) { > + snprintf(buf, sizeof(buf), "%02u.%02u.%02u", > + fw_ver->major, fw_ver->minor, fw_ver->revision); I see you have been very careful here, but i wonder if you might still get some compiler/static code analyser warnings here. As far as i remember %02u does not limit it to two characters. If the number is bigger than 99, it will take three characters. And your types are u8, so the compiler could consider these to be 3 characters each. So you end up truncating. Which you look to of done correctly, but i wonder if some over zealous checker will report it? Maybe consider "xxx.xxx.xxx"? Nice paranoid code by the way. I'm not the best at spotting potential buffer overflows, but this code looks good. The only question i had left was how well sscanf() deals with UTF-8. Andrew
Powered by blists - more mailing lists