[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20240705-bnxt-str-v1-3-bafc769ed89e@kernel.org>
Date: Fri, 05 Jul 2024 12:26:49 +0100
From: Simon Horman <horms@...nel.org>
To: "David S. Miller" <davem@...emloft.net>,
Eric Dumazet <edumazet@...gle.com>, Jakub Kicinski <kuba@...nel.org>,
Paolo Abeni <pabeni@...hat.com>
Cc: Michael Chan <michael.chan@...adcom.com>, netdev@...r.kernel.org
Subject: [PATCH net-next 3/3] bnxt_en: avoid truncation of per rx run
debugfs filename
Although it seems unlikely in practice - there would need to be
rx ring indexes greater than 10^10 - it is theoretically possible
for the filename of per rx ring debugfs files to be truncated.
This is because although a 16 byte buffer is provided, the length
of the filename is restricted to 10 bytes. Remove this restriction
and allow the entire buffer to be used.
Also reduce the buffer to 12 bytes, which is sufficient.
Given that the range of rx ring indexes likely much smaller than the
maximum range of a 32-bit signed integer, a smaller buffer could be
used, with some further changes. But this change seems simple, robust,
and has minimal stack overhead.
Flagged by gcc-14:
.../bnxt_debugfs.c: In function 'bnxt_debug_dev_init':
drivers/net/ethernet/broadcom/bnxt/bnxt_debugfs.c:69:30: warning: '%d' directive output may be truncated writing between 1 and 11 bytes into a region of size 10 [-Wformat-truncation=]
69 | snprintf(qname, 10, "%d", ring_idx);
| ^~
In function 'debugfs_dim_ring_init',
inlined from 'bnxt_debug_dev_init' at .../bnxt_debugfs.c:87:4:
.../bnxt_debugfs.c:69:29: note: directive argument in the range [-2147483643, 2147483646]
69 | snprintf(qname, 10, "%d", ring_idx);
| ^~~~
.../bnxt_debugfs.c:69:9: note: 'snprintf' output between 2 and 12 bytes into a destination of size 10
69 | snprintf(qname, 10, "%d", ring_idx);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Compile tested only
Signed-off-by: Simon Horman <horms@...nel.org>
---
drivers/net/ethernet/broadcom/bnxt/bnxt_debugfs.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/net/ethernet/broadcom/bnxt/bnxt_debugfs.c b/drivers/net/ethernet/broadcom/bnxt/bnxt_debugfs.c
index 156c2404854f..127b7015f676 100644
--- a/drivers/net/ethernet/broadcom/bnxt/bnxt_debugfs.c
+++ b/drivers/net/ethernet/broadcom/bnxt/bnxt_debugfs.c
@@ -64,9 +64,9 @@ static const struct file_operations debugfs_dim_fops = {
static void debugfs_dim_ring_init(struct dim *dim, int ring_idx,
struct dentry *dd)
{
- static char qname[16];
+ static char qname[12];
- snprintf(qname, 10, "%d", ring_idx);
+ snprintf(qname, sizeof(qname), "%d", ring_idx);
debugfs_create_file(qname, 0600, dd, dim, &debugfs_dim_fops);
}
--
2.43.0
Powered by blists - more mailing lists