lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <202401260858.jZN6vD1k-lkp@intel.com>
Date: Fri, 26 Jan 2024 08:48:43 +0800
From: kernel test robot <lkp@...el.com>
To: Daniel Axtens <dja@...ens.net>
Cc: oe-kbuild-all@...ts.linux.dev, linux-kernel@...r.kernel.org,
	Francis Laniel <laniel_francis@...vacyrequired.com>,
	Kees Cook <keescook@...omium.org>,
	Andrew Morton <akpm@...ux-foundation.org>,
	Linux Memory Management List <linux-mm@...ck.org>
Subject: drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c:154:19: warning:
 '%s' directive output may be truncated writing up to 19 bytes into a region
 of size between 13 and 24

tree:   https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head:   ecb1b8288dc7ccbdcb3b9df005fa1c0e0c0388a7
commit: 6a39e62abbafd1d58d1722f40c7d26ef379c6a2f lib: string.h: detect intra-object overflow in fortified string functions
date:   3 years, 1 month ago
config: x86_64-randconfig-012-20240106 (https://download.01.org/0day-ci/archive/20240126/202401260858.jZN6vD1k-lkp@intel.com/config)
compiler: gcc-9 (Debian 9.3.0-22) 9.3.0
reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20240126/202401260858.jZN6vD1k-lkp@intel.com/reproduce)

If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp@...el.com>
| Closes: https://lore.kernel.org/oe-kbuild-all/202401260858.jZN6vD1k-lkp@intel.com/

All warnings (new ones prefixed by >>):

   drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c: In function 'bnx2x_fill_fw_str':
>> drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c:154:19: warning: '%s' directive output may be truncated writing up to 19 bytes into a region of size between 13 and 24 [-Wformat-truncation=]
     154 |     "bc %d.%d.%d%s%s",
         |                   ^~
   ......
     158 |     ((phy_fw_ver[0] != '\0') ? " phy " : ""), phy_fw_ver);
         |                                               ~~~~~~~~~~
   drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c:153:3: note: 'snprintf' output between 9 and 39 bytes into a destination of size 32
     153 |   snprintf(buf + strlen(bp->fw_ver), 32 - strlen(bp->fw_ver),
         |   ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     154 |     "bc %d.%d.%d%s%s",
         |     ~~~~~~~~~~~~~~~~~~
     155 |     (bp->common.bc_ver & 0xff0000) >> 16,
         |     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     156 |     (bp->common.bc_ver & 0xff00) >> 8,
         |     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     157 |     (bp->common.bc_ver & 0xff),
         |     ~~~~~~~~~~~~~~~~~~~~~~~~~~~
     158 |     ((phy_fw_ver[0] != '\0') ? " phy " : ""), phy_fw_ver);
         |     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


vim +154 drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c

b3b83c3f3c640b drivers/net/bnx2x/bnx2x_cmn.c                   Dmitry Kravkov 2011-05-04  135  
8ca5e17e58c953 drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c Ariel Elior    2013-01-01  136  /**
8ca5e17e58c953 drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c Ariel Elior    2013-01-01  137   * bnx2x_fill_fw_str - Fill buffer with FW version string.
8ca5e17e58c953 drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c Ariel Elior    2013-01-01  138   *
8ca5e17e58c953 drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c Ariel Elior    2013-01-01  139   * @bp:        driver handle
8ca5e17e58c953 drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c Ariel Elior    2013-01-01  140   * @buf:       character buffer to fill with the fw name
8ca5e17e58c953 drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c Ariel Elior    2013-01-01  141   * @buf_len:   length of the above buffer
8ca5e17e58c953 drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c Ariel Elior    2013-01-01  142   *
8ca5e17e58c953 drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c Ariel Elior    2013-01-01  143   */
8ca5e17e58c953 drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c Ariel Elior    2013-01-01  144  void bnx2x_fill_fw_str(struct bnx2x *bp, char *buf, size_t buf_len)
8ca5e17e58c953 drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c Ariel Elior    2013-01-01  145  {
8ca5e17e58c953 drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c Ariel Elior    2013-01-01  146  	if (IS_PF(bp)) {
8ca5e17e58c953 drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c Ariel Elior    2013-01-01  147  		u8 phy_fw_ver[PHY_FW_VER_LEN];
8ca5e17e58c953 drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c Ariel Elior    2013-01-01  148  
8ca5e17e58c953 drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c Ariel Elior    2013-01-01  149  		phy_fw_ver[0] = '\0';
8ca5e17e58c953 drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c Ariel Elior    2013-01-01  150  		bnx2x_get_ext_phy_fw_version(&bp->link_params,
8ca5e17e58c953 drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c Ariel Elior    2013-01-01  151  					     phy_fw_ver, PHY_FW_VER_LEN);
8ca5e17e58c953 drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c Ariel Elior    2013-01-01  152  		strlcpy(buf, bp->fw_ver, buf_len);
8ca5e17e58c953 drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c Ariel Elior    2013-01-01  153  		snprintf(buf + strlen(bp->fw_ver), 32 - strlen(bp->fw_ver),
8ca5e17e58c953 drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c Ariel Elior    2013-01-01 @154  			 "bc %d.%d.%d%s%s",
8ca5e17e58c953 drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c Ariel Elior    2013-01-01  155  			 (bp->common.bc_ver & 0xff0000) >> 16,
8ca5e17e58c953 drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c Ariel Elior    2013-01-01  156  			 (bp->common.bc_ver & 0xff00) >> 8,
8ca5e17e58c953 drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c Ariel Elior    2013-01-01  157  			 (bp->common.bc_ver & 0xff),
8ca5e17e58c953 drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c Ariel Elior    2013-01-01  158  			 ((phy_fw_ver[0] != '\0') ? " phy " : ""), phy_fw_ver);
8ca5e17e58c953 drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c Ariel Elior    2013-01-01  159  	} else {
6411280ac94db9 drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c Ariel Elior    2013-01-07  160  		bnx2x_vf_fill_fw_str(bp, buf, buf_len);
8ca5e17e58c953 drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c Ariel Elior    2013-01-01  161  	}
8ca5e17e58c953 drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c Ariel Elior    2013-01-01  162  }
8ca5e17e58c953 drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c Ariel Elior    2013-01-01  163  

:::::: The code at line 154 was first introduced by commit
:::::: 8ca5e17e58c953b9a9dbd4974c554b25c6d70b1a bnx2x: Support of PF driver of a VF acquire request

:::::: TO: Ariel Elior <ariele@...adcom.com>
:::::: CC: David S. Miller <davem@...emloft.net>

-- 
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ