lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <87cyym4blx.wl-tiwai@suse.de>
Date:   Wed, 13 Sep 2023 12:21:46 +0200
From:   Takashi Iwai <tiwai@...e.de>
To:     Peter Ujfalusi <peter.ujfalusi@...ux.intel.com>
Cc:     tiwai@...e.com, perex@...ex.cz, arnd@...db.de,
        masahiroy@...nel.org, linux-kernel@...r.kernel.org,
        alsa-devel@...a-project.org, maciej.szmigiero@...cle.com
Subject: Re: [PATCH] ALSA: usb-audio: mixer: Remove temporary string use in parse_clock_source_unit

On Wed, 13 Sep 2023 11:39:33 +0200,
Peter Ujfalusi wrote:
> 
> The kctl->id.name can be directly passed to snd_usb_copy_string_desc() and
> if the string has been fetched the suffix can be appended with the
> append_ctl_name() call.
> The temporary name string becomes redundant and can be removed.
> 
> This change will also fixes the following compiler warning/error (W=1):
> 
> sound/usb/mixer.c: In function ‘parse_audio_unit’:
> sound/usb/mixer.c:1972:29: error: ‘ Validity’ directive output may be truncated writing 9 bytes into a region of size between 1 and 44 [-Werror=format-truncation=]
>  1972 |                          "%s Validity", name);
>       |                             ^~~~~~~~~
> In function ‘parse_clock_source_unit’,
>     inlined from ‘parse_audio_unit’ at sound/usb/mixer.c:2892:10:
> sound/usb/mixer.c:1971:17: note: ‘snprintf’ output between 10 and 53 bytes into a destination of size 44
>  1971 |                 snprintf(kctl->id.name, sizeof(kctl->id.name),
>       |                 ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>  1972 |                          "%s Validity", name);
>       |                          ~~~~~~~~~~~~~~~~~~~~
> cc1: all warnings being treated as errors
> 
> The warnings got brought to light by a recent patch upstream:
> commit 6d4ab2e97dcf ("extrawarn: enable format and stringop overflow warnings in W=1")
> 
> Signed-off-by: Peter Ujfalusi <peter.ujfalusi@...ux.intel.com>

Thanks, applied now.


Takashi

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ