| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <645d8e19494d4a27b2ae775fee56e252@AcuMS.aculab.com>
Date: Thu, 4 Jan 2024 22:57:10 +0000
From: David Laight <David.Laight@...LAB.COM>
To: 'Zack Rusin' <zack.rusin@...adcom.com>, "linux-kernel@...r.kernel.org"
<linux-kernel@...r.kernel.org>
CC: Dmitry Torokhov <dmitry.torokhov@...il.com>, Arnd Bergmann
<arnd@...db.de>, Robert Jarzmik <robert.jarzmik@...e.fr>, Raul Rangel
<rrangel@...omium.org>, "linux-input@...r.kernel.org"
<linux-input@...r.kernel.org>, "stable@...r.kernel.org"
<stable@...r.kernel.org>
Subject: RE: [PATCH v2] input/vmmouse: Fix device name copies
From: Zack Rusin
> Sent: 04 January 2024 05:06
>
> Make sure vmmouse_data::phys can hold serio::phys (which is 32 bytes)
> plus an extra string, extend it to 64.
>
> Fixes gcc13 warnings:
> drivers/input/mouse/vmmouse.c: In function ‘vmmouse_init’:
> drivers/input/mouse/vmmouse.c:455:53: warning: ‘/input1’ directive output may be truncated writing 7
> bytes into a region of size between 1 and 32 [-Wformat-truncation=]
> 455 | snprintf(priv->phys, sizeof(priv->phys), "%s/input1",
> | ^~~~~~~
> drivers/input/mouse/vmmouse.c:455:9: note: ‘snprintf’ output between 8 and 39 bytes into a destination
> of size 32
> 455 | snprintf(priv->phys, sizeof(priv->phys), "%s/input1",
> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> 456 | psmouse->ps2dev.serio->phys);
> | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
> v2: Use the exact size for the vmmouse_data::phys
>
> Signed-off-by: Zack Rusin <zack.rusin@...adcom.com>
> Fixes: 8b8be51b4fd3 ("Input: add vmmouse driver")
> Cc: Dmitry Torokhov <dmitry.torokhov@...il.com>
> Cc: Arnd Bergmann <arnd@...db.de>
> Cc: Robert Jarzmik <robert.jarzmik@...e.fr>
> Cc: Raul Rangel <rrangel@...omium.org>
> Cc: linux-input@...r.kernel.org
> Cc: <stable@...r.kernel.org> # v4.1+
> ---
> drivers/input/mouse/vmmouse.c | 8 ++++++--
> 1 file changed, 6 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/input/mouse/vmmouse.c b/drivers/input/mouse/vmmouse.c
> index ea9eff7c8099..74131673e2f3 100644
> --- a/drivers/input/mouse/vmmouse.c
> +++ b/drivers/input/mouse/vmmouse.c
> @@ -63,6 +63,8 @@
> #define VMMOUSE_VENDOR "VMware"
> #define VMMOUSE_NAME "VMMouse"
>
> +#define VMMOUSE_PHYS_NAME_POSTFIX_STR "/input1"
> +
> /**
> * struct vmmouse_data - private data structure for the vmmouse driver
> *
> @@ -72,7 +74,8 @@
> */
> struct vmmouse_data {
> struct input_dev *abs_dev;
> - char phys[32];
> + char phys[sizeof_field(struct serio, phys) +
> + strlen(VMMOUSE_PHYS_NAME_POSTFIX_STR)];
> char dev_name[128];
> };
>
> @@ -452,7 +455,8 @@ int vmmouse_init(struct psmouse *psmouse)
> psmouse->private = priv;
>
> /* Set up and register absolute device */
> - snprintf(priv->phys, sizeof(priv->phys), "%s/input1",
> + snprintf(priv->phys, sizeof(priv->phys),
> + "%s" VMMOUSE_PHYS_NAME_POSTFIX_STR,
> psmouse->ps2dev.serio->phys);
Notwithstanding any error (fixed) or not from the gcc/build robert
or sparse that 'fix' is entirely horrible.
Related I'm guessing that dev_name[128] is either likely to
be truncated or massively far too long?
There are a few way to get gcc to STFU :-)
David
-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)
Powered by blists - more mailing lists