lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 17 Jul 2017 14:59:15 +0200 From: Hans Verkuil <hverkuil@...all.nl> To: Arnd Bergmann <arnd@...db.de> Cc: Linux Kernel Mailing List <linux-kernel@...r.kernel.org>, Mauro Carvalho Chehab <mchehab@...nel.org>, Greg Kroah-Hartman <gregkh@...uxfoundation.org>, Linus Torvalds <torvalds@...ux-foundation.org>, Guenter Roeck <linux@...ck-us.net>, Andrew Morton <akpm@...ux-foundation.org>, Networking <netdev@...r.kernel.org>, "David S . Miller" <davem@...emloft.net>, "James E . J . Bottomley" <jejb@...ux.vnet.ibm.com>, "Martin K . Petersen" <martin.petersen@...cle.com>, linux-scsi <linux-scsi@...r.kernel.org>, the arch/x86 maintainers <x86@...nel.org>, Sakari Ailus <sakari.ailus@...ux.intel.com>, Linux Media Mailing List <linux-media@...r.kernel.org> Subject: Re: [PATCH 14/22] [media] usbvision-i2c: fix format overflow warning On 17/07/17 14:57, Arnd Bergmann wrote: > On Mon, Jul 17, 2017 at 2:53 PM, Hans Verkuil <hverkuil@...all.nl> wrote: >> On 14/07/17 14:07, Arnd Bergmann wrote: >>> gcc-7 notices that we copy a fixed length string into another >>> string of the same size, with additional characters: >>> >>> drivers/media/usb/usbvision/usbvision-i2c.c: In function 'usbvision_i2c_register': >>> drivers/media/usb/usbvision/usbvision-i2c.c:190:36: error: '%d' directive writing between 1 and 11 bytes into a region of size between 0 and 47 [-Werror=format-overflow=] >>> sprintf(usbvision->i2c_adap.name, "%s-%d-%s", i2c_adap_template.name, >>> ^~~~~~~~~~ >>> drivers/media/usb/usbvision/usbvision-i2c.c:190:2: note: 'sprintf' output between 4 and 76 bytes into a destination of size 48 >>> >>> We know this is fine as the template name is always "usbvision", so >>> we can easily avoid the warning by using this as the format string >>> directly. >> >> Hmm, how about replacing sprintf by snprintf? That feels a lot safer (this is very >> old code, it's not surprising it is still using sprintf). > > With snprintf(), you will still get a -Wformat-truncation warning. One > of my patches > disables that warning by default, but Mauro likes build-testing with > "make W=1", so > it would still show up then. > > However, we can do both: replace the string and use snprintf(). Yes please! Regards, Hans
Powered by blists - more mailing lists