| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20230918184631.16228-2-stephen@networkplumber.org> Date: Mon, 18 Sep 2023 11:46:31 -0700 From: Stephen Hemminger <stephen@...workplumber.org> To: netdev@...r.kernel.org Cc: Stephen Hemminger <stephen@...workplumber.org> Subject: [PATCH iproute2 2/2] ila: fix potential snprintf buffer overflow The code to print 64 bit address has a theoretical overflow of snprintf buffer found by CodeQL scan. Address by checking result. Signed-off-by: Stephen Hemminger <stephen@...workplumber.org> --- ip/ipila.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/ip/ipila.c b/ip/ipila.c index 4f6d578f24ae..23b19a108862 100644 --- a/ip/ipila.c +++ b/ip/ipila.c @@ -60,6 +60,8 @@ static void print_addr64(__u64 addr, char *buff, size_t len) sep = ""; ret = snprintf(&buff[written], len - written, "%x%s", v, sep); + if (ret < 0 || ret >= len - written) + break; written += ret; } } -- 2.39.2
Powered by blists - more mailing lists