lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 29 Aug 2023 19:11:25 +0200
From:   Helge Deller <deller@....de>
To:     Nick Desaulniers <ndesaulniers@...gle.com>
Cc:     linux-fbdev@...r.kernel.org,
        dri-devel <dri-devel@...ts.freedesktop.org>,
        clang-built-linux <llvm@...ts.linux.dev>,
        LKML <linux-kernel@...r.kernel.org>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Nathan Chancellor <nathan@...nel.org>
Subject: Re: truncation in drivers/video/fbdev/neofb.c

On 8/29/23 18:45, Nick Desaulniers wrote:
> Helge,
> A recent change in clang made it better about spotting snprintf that
> will result in truncation.  Nathan reported the following instances:
>
> drivers/video/fbdev/neofb.c:1959:3: warning: 'snprintf' will always be
> truncated; specified size is 16, but format string expands to at least
> 17 [-Wfortify-source]
> drivers/video/fbdev/neofb.c:1963:3: warning: 'snprintf' will always be
> truncated; specified size is 16, but format string expands to at least
> 18 [-Wfortify-source]
> drivers/video/fbdev/neofb.c:1967:3: warning: 'snprintf' will always be
> truncated; specified size is 16, but format string expands to at least
> 17 [-Wfortify-source]
> drivers/video/fbdev/neofb.c:1971:3: warning: 'snprintf' will always be
> truncated; specified size is 16, but format string expands to at least
> 17 [-Wfortify-source]
> drivers/video/fbdev/neofb.c:1978:3: warning: 'snprintf' will always be
> truncated; specified size is 16, but format string expands to at least
> 18 [-Wfortify-source]
> drivers/video/fbdev/neofb.c:1985:3: warning: 'snprintf' will always be
> truncated; specified size is 16, but format string expands to at least
> 17 [-Wfortify-source]
> drivers/video/fbdev/neofb.c:1992:3: warning: 'snprintf' will always be
> truncated; specified size is 16, but format string expands to at least
> 18 [-Wfortify-source]
>
> https://github.com/ClangBuiltLinux/linux/issues/1923
>
> Clang is right here.  `info->fix.id` is declared as `char id[16];` so
> indeed string literals like "MagicGraph 256AV+" indeed lead to
> truncation. But this is declared in include/uapi/linux/fb.h; I assume
> those headers cant be changed? Can the strings be shortened then? Is
> it perhaps time to delete this driver?
>
> I see AKPM mentioned alluded to this in
> commit 0e90454 ("neofb: avoid overwriting fb_info fields")
>
> (Also, snprintf probably isn't necessary for string literals that
> don't contain format strings)

It's just an ID field, so I don't think we need the full name of the card.
So using strscpy() and shorten the name, e.g. "MagicGr. 256XL+"
instead of "MagicGraph 256XL+" is probably the most simple solution?

Anyone want to send a patch?

Helge

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ