lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 19 Jan 2024 14:56:14 +0000
From: Simon Horman <horms@...nel.org>
To: Kunwu Chan <chentao@...inos.cn>
Cc: jesse.brandeburg@...el.com, anthony.l.nguyen@...el.com,
	davem@...emloft.net, edumazet@...gle.com, kuba@...nel.org,
	pabeni@...hat.com, jacob.e.keller@...el.com,
	przemyslaw.kitszel@...el.com, intel-wired-lan@...ts.osuosl.org,
	netdev@...r.kernel.org, linux-kernel@...r.kernel.org,
	Kunwu Chan <kunwu.chan@...mail.com>
Subject: Re: [PATCH v3] igb: Fix string truncation warnings in
 igb_set_fw_version

On Mon, Jan 15, 2024 at 04:28:25PM +0800, Kunwu Chan wrote:
> Commit 1978d3ead82c ("intel: fix string truncation warnings")
> fixes '-Wformat-truncation=' warnings in igb_main.c by using kasprintf.
> 
> drivers/net/ethernet/intel/igb/igb_main.c:3092:53: warning:‘%d’ directive output may be truncated writing between 1 and 5 bytes into a region of size between 1 and 13 [-Wformat-truncation=]
>  3092 |                                  "%d.%d, 0x%08x, %d.%d.%d",
>       |                                                     ^~
> drivers/net/ethernet/intel/igb/igb_main.c:3092:34: note:directive argument in the range [0, 65535]
>  3092 |                                  "%d.%d, 0x%08x, %d.%d.%d",
>       |                                  ^~~~~~~~~~~~~~~~~~~~~~~~~
> drivers/net/ethernet/intel/igb/igb_main.c:3092:34: note:directive argument in the range [0, 65535]
> drivers/net/ethernet/intel/igb/igb_main.c:3090:25: note:‘snprintf’ output between 23 and 43 bytes into a destination of size 32
> 
> kasprintf() returns a pointer to dynamically allocated memory
> which can be NULL upon failure.
> 
> Fix this warning by using a larger space for adapter->fw_version,
> and then fall back and continue to use snprintf.
> 
> Fixes: 1978d3ead82c ("intel: fix string truncation warnings")
> Signed-off-by: Kunwu Chan <chentao@...inos.cn>
> Cc: Kunwu Chan <kunwu.chan@...mail.com>
> Suggested-by: Jakub Kicinski <kuba@...nel.org>

Reviewed-by: Simon Horman <horms@...nel.org>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ