| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 14 Jul 2017 09:04:08 -0700 (PDT)
From: David Miller <davem@...emloft.net>
To: arnd@...db.de
Cc: linux-kernel@...r.kernel.org, derek.chickles@...iumnetworks.com,
satananda.burla@...iumnetworks.com,
felix.manlunas@...iumnetworks.com,
raghu.vatsavayi@...iumnetworks.com, gregkh@...uxfoundation.org,
torvalds@...ux-foundation.org, linux@...ck-us.net,
akpm@...ux-foundation.org, netdev@...r.kernel.org,
jejb@...ux.vnet.ibm.com, martin.petersen@...cle.com,
linux-scsi@...r.kernel.org, x86@...nel.org,
weilin.chang@...ium.com, prasad.kanneganti@...ium.com
Subject: Re: [PATCH 13/22] liquidio: fix possible eeprom format string
overflow
From: Arnd Bergmann <arnd@...db.de>
Date: Fri, 14 Jul 2017 14:07:05 +0200
> gcc reports that the temporary buffer for computing the
> string length may be too small here:
>
> drivers/net/ethernet/cavium/liquidio/lio_ethtool.c: In function 'lio_get_eeprom_len':
> /drivers/net/ethernet/cavium/liquidio/lio_ethtool.c:345:21: error: 'sprintf' may write a terminating nul past the end of the destination [-Werror=format-overflow=]
> len = sprintf(buf, "boardname:%s serialnum:%s maj:%lld min:%lld\n",
> ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> drivers/net/ethernet/cavium/liquidio/lio_ethtool.c:345:6: note: 'sprintf' output between 35 and 167 bytes into a destination of size 128
> len = sprintf(buf, "boardname:%s serialnum:%s maj:%lld min:%lld\n",
>
> This extends it to 192 bytes, which is certainly enough. As far
> as I could tell, there are no other constraints that require a specific
> maximum size.
>
> Signed-off-by: Arnd Bergmann <arnd@...db.de>
Applied.
Powered by blists - more mailing lists