| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 8 Feb 2023 15:40:32 +0100
From: Simon Horman <simon.horman@...igine.com>
To: David Laight <David.Laight@...lab.com>
Cc: Alexandra Winter <wintera@...ux.ibm.com>,
David Miller <davem@...emloft.net>,
Jakub Kicinski <kuba@...nel.org>,
"netdev@...r.kernel.org" <netdev@...r.kernel.org>,
"linux-s390@...r.kernel.org" <linux-s390@...r.kernel.org>,
Heiko Carstens <hca@...ux.ibm.com>,
Thorsten Winkler <twinkler@...ux.ibm.com>,
Jules Irenge <jbi.octave@...il.com>
Subject: Re: [PATCH net-next 4/4] s390/qeth: Convert sprintf/snprintf to
scnprintf
On Wed, Feb 08, 2023 at 02:37:32PM +0000, David Laight wrote:
> [You don't often get email from david.laight@...lab.com. Learn why this is important at https://aka.ms/LearnAboutSenderIdentification ]
>
> From: Simon Horman
> > Sent: 07 February 2023 15:43
> ...
> > However, amongst other usages of the return value,
> > those callers also check for a return < 0 from this function.
> > Can that occur, in the sprintf or scnprintf case?
>
> That rather depends on what happens with calls like:
> snprintf(NULL, 0, "*%s%*s", MAX_INT, "", MAX_INT, "");
>
> That is a whole bag of worms you don't want to put your hand into.
Ok :)
Powered by blists - more mailing lists