lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Wed, 25 Oct 2023 11:58:13 -0700
From:   Guenter Roeck <linux@...ck-us.net>
To:     Zhang Rui <rui.zhang@...el.com>
Cc:     jdelvare@...e.com, fenghua.yu@...el.com,
        linux-hwmon@...r.kernel.org, linux-kernel@...r.kernel.org,
        lkp@...el.com, dave.hansen@...ux.intel.com, len.brown@...el.com
Subject: Re: [PATCH] hwmon: (coretemp) Fix potentially truncated sysfs
 attribute name

On Wed, Oct 25, 2023 at 08:23:16PM +0800, Zhang Rui wrote:
> When build with W=1 and "-Werror=format-truncation", below error is
> observed in coretemp driver,
> 
>    drivers/hwmon/coretemp.c: In function 'create_core_data':
> >> drivers/hwmon/coretemp.c:393:34: error: '%s' directive output may be truncated writing likely 5 or more bytes into a region of size between 3 and 13 [-Werror=format-truncation=]
>      393 |                          "temp%d_%s", attr_no, suffixes[i]);
>          |                                  ^~
>    drivers/hwmon/coretemp.c:393:26: note: assuming directive output of 5 bytes
>      393 |                          "temp%d_%s", attr_no, suffixes[i]);
>          |                          ^~~~~~~~~~~
>    drivers/hwmon/coretemp.c:392:17: note: 'snprintf' output 7 or more bytes (assuming 22) into a destination of size 19
>      392 |                 snprintf(tdata->attr_name[i], CORETEMP_NAME_LENGTH,
>          |                 ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>      393 |                          "temp%d_%s", attr_no, suffixes[i]);
>          |                          ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>    cc1: all warnings being treated as errors
> 
> Given that
> 1. '%d' could take 10 charactors,
> 2. '%s' could take 10 charactors ("crit_alarm"),
> 3. "temp", "_" and the NULL terminator take 6 charactors,
> fix the problem by increasing CORETEMP_NAME_LENGTH to 28.
> 
> Signed-off-by: Zhang Rui <rui.zhang@...el.com>
> Fixes: 7108b80a542b ("hwmon/coretemp: Handle large core ID value")
> Reported-by: kernel test robot <lkp@...el.com>
> Closes: https://lore.kernel.org/oe-kbuild-all/202310200443.iD3tUbbK-lkp@intel.com/

Applied.

Thanks,
Guenter

Powered by blists - more mailing lists