lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <250e4d5d-77c8-4c48-9410-53a63d471fae@nvidia.com>
Date:   Thu, 7 Dec 2023 06:28:26 +0000
From:   Chaitanya Kulkarni <chaitanyak@...dia.com>
To:     Stefan Hajnoczi <stefanha@...hat.com>,
        "Michael S. Tsirkin" <mst@...hat.com>
CC:     "David.Laight@...lab.com" <David.Laight@...lab.com>,
        Xuan Zhuo <xuanzhuo@...ux.alibaba.com>,
        "linux-block@...r.kernel.org" <linux-block@...r.kernel.org>,
        Paolo Bonzini <pbonzini@...hat.com>,
        Jens Axboe <axboe@...nel.dk>, Jason Wang <jasowang@...hat.com>,
        "virtualization@...ts.linux.dev" <virtualization@...ts.linux.dev>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        Suwan Kim <suwan.kim027@...il.com>,
        kernel test robot <lkp@...el.com>
Subject: Re: [PATCH v2] virtio_blk: fix snprintf truncation compiler warning

On 12/5/23 06:18, Stefan Hajnoczi wrote:
> Commit 4e0400525691 ("virtio-blk: support polling I/O") triggers the
> following gcc 13 W=1 warnings:
>
> drivers/block/virtio_blk.c: In function ‘init_vq’:
> drivers/block/virtio_blk.c:1077:68: warning: ‘%d’ directive output may be truncated writing between 1 and 11 bytes into a region of size 7 [-Wformat-truncation=]
>   1077 |                 snprintf(vblk->vqs[i].name, VQ_NAME_LEN, "req_poll.%d", i);
>        |                                                                    ^~
> drivers/block/virtio_blk.c:1077:58: note: directive argument in the range [-2147483648, 65534]
>   1077 |                 snprintf(vblk->vqs[i].name, VQ_NAME_LEN, "req_poll.%d", i);
>        |                                                          ^~~~~~~~~~~~~
> drivers/block/virtio_blk.c:1077:17: note: ‘snprintf’ output between 11 and 21 bytes into a destination of size 16
>   1077 |                 snprintf(vblk->vqs[i].name, VQ_NAME_LEN, "req_poll.%d", i);
>        |                 ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
> This is a false positive because the lower bound -2147483648 is
> incorrect. The true range of i is [0, num_vqs - 1] where 0 < num_vqs <
> 65536.
>
> The code mixes int, unsigned short, and unsigned int types in addition
> to using "%d" for an unsigned value. The only place where a 16-bit value
> is needed is during the config space access. Use unsigned int and "%u"
> consistently to solve the compiler warning and clean up the code.
>
> Cc: Suwan Kim <suwan.kim027@...il.com>
> Reported-by: kernel test robot <lkp@...el.com>
> Closes: https://lore.kernel.org/oe-kbuild-all/202312041509.DIyvEt9h-lkp@intel.com/
> Signed-off-by: Stefan Hajnoczi <stefanha@...hat.com>
> ---
>   drivers/block/virtio_blk.c | 13 ++++++++-----
>   1 file changed, 8 insertions(+), 5 deletions(-)
>
> v2:
> - Use unsigned int instead of unsigned short [David]
>
>

Looks good.

Reviewed-by: Chaitanya Kulkarni <kch@...dia.com>

-ck


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ