lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20240324234027.1354210-129-sashal@kernel.org>
Date: Sun, 24 Mar 2024 19:38:36 -0400
From: Sasha Levin <sashal@...nel.org>
To: linux-kernel@...r.kernel.org,
	stable@...r.kernel.org
Cc: Srinivasan Shanmugam <srinivasan.shanmugam@....com>,
	Alex Hung <alex.hung@....com>,
	Qingqing Zhuo <qingqing.zhuo@....com>,
	Rodrigo Siqueira <Rodrigo.Siqueira@....com>,
	Aurabindo Pillai <aurabindo.pillai@....com>,
	Alex Deucher <alexander.deucher@....com>,
	Harry Wentland <harry.wentland@....com>,
	Sasha Levin <sashal@...nel.org>
Subject: [PATCH 5.10 128/238] drm/amd/display: Fix a potential buffer overflow in 'dp_dsc_clock_en_read()'

From: Srinivasan Shanmugam <srinivasan.shanmugam@....com>

[ Upstream commit 4b09715f1504f1b6e8dff0e9643630610bc05141 ]

Tell snprintf() to store at most 10 bytes in the output buffer
instead of 30.

Fixes the below:
drivers/gpu/drm/amd/amdgpu/../display/amdgpu_dm/amdgpu_dm_debugfs.c:1508 dp_dsc_clock_en_read() error: snprintf() is printing too much 30 vs 10

Fixes: c06e09b76639 ("drm/amd/display: Add DSC parameters logging to debugfs")
Cc: Alex Hung <alex.hung@....com>
Cc: Qingqing Zhuo <qingqing.zhuo@....com>
Cc: Rodrigo Siqueira <Rodrigo.Siqueira@....com>
Cc: Aurabindo Pillai <aurabindo.pillai@....com>
Cc: Alex Deucher <alexander.deucher@....com>
Signed-off-by: Srinivasan Shanmugam <srinivasan.shanmugam@....com>
Reviewed-by: Harry Wentland <harry.wentland@....com>
Signed-off-by: Alex Deucher <alexander.deucher@....com>
Signed-off-by: Sasha Levin <sashal@...nel.org>
---
 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c b/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c
index e43f82bcb231a..32dbd2a270887 100644
--- a/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c
+++ b/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c
@@ -1179,7 +1179,7 @@ static ssize_t dp_dsc_clock_en_read(struct file *f, char __user *buf,
 	const uint32_t rd_buf_size = 10;
 	struct pipe_ctx *pipe_ctx;
 	ssize_t result = 0;
-	int i, r, str_len = 30;
+	int i, r, str_len = 10;
 
 	rd_buf = kcalloc(rd_buf_size, sizeof(char), GFP_KERNEL);
 
-- 
2.43.0


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ