re: bcache: A block layer cache

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hello Kent Overstreet,

The patch cafe56359144: "bcache: A block layer cache" from Mar 23, 
2013, leads to the following warning:
"drivers/md/bcache/util.c:92 hprint()
	 error: format string overflow. buf_size: 3 length: 4"

drivers/md/bcache/util.c
    77  ssize_t hprint(char *buf, int64_t v)
    78  {
    79          static const char units[] = "?kMGTPEZY";
    80          char dec[3] = "";
    81          int u, t = 0;
    82  
    83          for (u = 0; v >= 1024 || v <= -1024; u++) {
    84                  t = v & ~(~0 << 10);
    85                  v >>= 10;
    86          }
    87  
    88          if (!u)
    89                  return sprintf(buf, "%llu", v);
    90  
    91          if (v < 100 && v > -100)
    92                  sprintf(dec, ".%i", t / 100);

For example, hprint(buf, 2024) will cause a one char buffer overflow.

    93  
    94          return sprintf(buf, "%lli%s%c", v, dec, units[u]);

regards,
dan carpenter

--
To unsubscribe from this list: send the line "unsubscribe linux-bcache" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Linux ARM Kernel]     [Linux Filesystem Development]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux