| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <ZcnHwRCr6s3T8VXt@Laptop-X1>
Date: Mon, 12 Feb 2024 15:24:49 +0800
From: Hangbin Liu <liuhangbin@...il.com>
To: Stephen Hemminger <stephen@...workplumber.org>
Cc: netdev@...r.kernel.org, jhs@...atatu.com
Subject: Re: [PATCH iproute2] tc: u32: check return value from snprintf
On Sat, Feb 10, 2024 at 05:04:23PM -0800, Stephen Hemminger wrote:
> Add assertion to check for case of snprintf failing (bad format?)
> or buffer getting full.
>
> Signed-off-by: Stephen Hemminger <stephen@...workplumber.org>
Hi Stephen,
Is there a bug report or something else that we only do the assertion
for tc/f_u32.c?
Thanks
Hangbin
> ---
> tc/f_u32.c | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/tc/f_u32.c b/tc/f_u32.c
> index 913ec1de435d..8a2413103906 100644
> --- a/tc/f_u32.c
> +++ b/tc/f_u32.c
> @@ -7,6 +7,7 @@
> *
> */
>
> +#include <assert.h>
> #include <stdio.h>
> #include <stdlib.h>
> #include <unistd.h>
> @@ -87,6 +88,7 @@ static char *sprint_u32_handle(__u32 handle, char *buf)
> if (htid) {
> int l = snprintf(b, bsize, "%x:", htid>>20);
>
> + assert(l > 0 && l < bsize);
> bsize -= l;
> b += l;
> }
> @@ -94,12 +96,14 @@ static char *sprint_u32_handle(__u32 handle, char *buf)
> if (hash) {
> int l = snprintf(b, bsize, "%x", hash);
>
> + assert(l > 0 && l < bsize);
> bsize -= l;
> b += l;
> }
> if (nodeid) {
> int l = snprintf(b, bsize, ":%x", nodeid);
>
> + assert(l > 0 && l < bsize);
> bsize -= l;
> b += l;
> }
> --
> 2.43.0
>
Powered by blists - more mailing lists