lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <5a716f1d-5a37-4634-be93-ba37b3b817c5@linux.dev>
Date: Thu, 24 Jul 2025 14:25:21 +0100
From: Vadim Fedorenko <vadim.fedorenko@...ux.dev>
To: Simon Horman <horms@...nel.org>, Sunil Goutham <sgoutham@...vell.com>,
 Linu Cherian <lcherian@...vell.com>, Geetha sowjanya <gakula@...vell.com>,
 Jerin Jacob <jerinj@...vell.com>, hariprasad <hkelam@...vell.com>,
 Subbaraya Sundeep <sbhatta@...vell.com>
Cc: Andrew Lunn <andrew+netdev@...n.ch>, "David S. Miller"
 <davem@...emloft.net>, Eric Dumazet <edumazet@...gle.com>,
 Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com>,
 netdev@...r.kernel.org
Subject: Re: [PATCH net-next] octeontx2-af: use unsigned int as iterator for
 unsigned values

On 24/07/2025 14:10, Simon Horman wrote:
> The local variable i is used to iterate over unsigned
> values. The lower bound of the loop is set to 0. While
> the upper bound is cgx->lmac_count, where they lmac_count is
> an u8. So the theoretical upper bound is 255.
> 
> As is, GCC can't see this range of values and warns that
> a formatted string, which includes the %d representation of i,
> may overflow the buffer provided.
> 
> GCC 15.1.0 says:
> 
>    .../cgx.c: In function 'cgx_lmac_init':
>    .../cgx.c:1737:49: warning: '%d' directive writing between 1 and 11 bytes into a region of size between 4 and 6 [-Wformat-overflow=]
>     1737 |                 sprintf(lmac->name, "cgx_fwi_%d_%d", cgx->cgx_id, i);
>          |                                                 ^~
>    .../cgx.c:1737:37: note: directive argument in the range [-2147483641, 254]
>     1737 |                 sprintf(lmac->name, "cgx_fwi_%d_%d", cgx->cgx_id, i);
>          |                                     ^~~~~~~~~~~~~~~
>    .../cgx.c:1737:17: note: 'sprintf' output between 12 and 24 bytes into a destination of size 16
>     1737 |                 sprintf(lmac->name, "cgx_fwi_%d_%d", cgx->cgx_id, i);
>          |                 ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> 
> Empirically, changing the type of i from (signed) int to unsigned int
> addresses this problem. I assume by allowing GCC to see the range of
> values described above.
> 
> Also update the format specifiers for the integer values in the string
> in question from %d to %u. This seems appropriate as they are now both
> unsigned.
> 
> No functional change intended.
> Compile tested only.
> 
> Signed-off-by: Simon Horman <horms@...nel.org>
> ---
>   drivers/net/ethernet/marvell/octeontx2/af/cgx.c | 6 +++---
>   1 file changed, 3 insertions(+), 3 deletions(-)

Reviewed-by: Vadim Fedorenko <vadim.fedorenko@...ux.dev>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ