lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <1497850852.8495.41.camel@perches.com>
Date:   Sun, 18 Jun 2017 22:40:52 -0700
From:   Joe Perches <joe@...ches.com>
To:     Govindarajulu Varadarajan <gvaradar@...co.com>,
        davem@...emloft.net, netdev@...r.kernel.org
Cc:     benve@...co.com
Subject: Re: [PATCH net-next] enic: use kasprintf instead of snprintf

On Sun, 2017-06-18 at 22:05 -0700, Govindarajulu Varadarajan wrote:
> With -Wformat-truncation=, gcc throws the following warning. Instead of
> using snprintf, use kasprintf and allocate string size as needed.
> 
> drivers/net/ethernet/cisco/enic/enic_main.c: In function ‘enic_open’:
> drivers/net/ethernet/cisco/enic/enic_main.c:1740:15: warning: ‘%u’ directive output may be truncated writing between 1 and 2 bytes into a region of size between 1 and 12 [-Wformat-truncation=]
>      "%.11s-rx-%u", netdev->name, i);
>                ^~
> drivers/net/ethernet/cisco/enic/enic_main.c:1740:5: note: directive argument in the range [0, 16]
>      "%.11s-rx-%u", netdev->name, i);
>      ^~~~~~~~~~~~~
> drivers/net/ethernet/cisco/enic/enic_main.c:1738:4: note: ‘snprintf’ output between 6 and 18 bytes into a destination of size 16
>     snprintf(enic->msix[intr].devname,
>     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>      sizeof(enic->msix[intr].devname),
>      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>      "%.11s-rx-%u", netdev->name, i);
>      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> drivers/net/ethernet/cisco/enic/enic_main.c:1751:5: warning: ‘snprintf’ output may be truncated before the last format character [-Wformat-truncation=]
>      "%.11s-tx-%u", netdev->name, i);


Perhaps it'd be better to use a style
with a variable length format precision

ie:

	"%.*s-tx-%u", IFNAMSIZ - 4 - <something>, netdev-name, i)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ