Re: [PATCH] staging: greybus: Use scnprintf() for avoiding potential buffer overflow

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, 11 Mar 2020 11:09:03 +0100,
Johan Hovold wrote:
> 
> On Wed, Mar 11, 2020 at 11:02:33AM +0100, Takashi Iwai wrote:
> > On Wed, 11 Mar 2020 10:58:14 +0100,
> > Johan Hovold wrote:
> > > 
> > > On Wed, Mar 11, 2020 at 10:19:06AM +0100, Takashi Iwai wrote:
> > > > Since snprintf() returns the would-be-output size instead of the
> > > > actual output size, the succeeding calls may go beyond the given
> > > > buffer limit.  Fix it by replacing with scnprintf().
> > > > 
> > > > Signed-off-by: Takashi Iwai <tiwai@xxxxxxx>
> > > > ---
> > > >  drivers/staging/greybus/tools/loopback_test.c | 24 ++++++++++++------------
> > > 
> > > Thanks for the fix.
> > > 
> > > Would you mind resending with a "staging: greybus: loopback_test:"
> > > prefix since this is not a subsystem wide issue, bur rather a bug in a
> > > specific user-space tool?
> > 
> > OK, will do that.
> 
> Thanks.
> 
> Perhaps you should replace the snprintf() at the start of the function
> in question as well by the way.

Yeah, it's I also wonder while working on many other codes, too.
I decided to minimize the changes at this time and concentrate only on
the code that has a pattern like:
   pos += snprintf(buf, limit - pos, ...)


thanks,

Takashi
_______________________________________________
greybus-dev mailing list
greybus-dev@xxxxxxxxxxxxxxxx
https://lists.linaro.org/mailman/listinfo/greybus-dev




[Index of Archives]     [Asterisk App Development]     [PJ SIP]     [Gnu Gatekeeper]     [IETF Sipping]     [Info Cyrus]     [ALSA User]     [Fedora Linux Users]     [Linux SCTP]     [DCCP]     [Gimp]     [Yosemite News]     [Deep Creek Hot Springs]     [Yosemite Campsites]     [ISDN Cause Codes]     [Asterisk Books]

  Powered by Linux