Re: [PATCH net] can: can327: fix snprintf() limit in can327_handle_prompt()
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- To: Dan Carpenter <dan.carpenter@xxxxxxxxxx>, Vincent Mailhol <mailhol.vincent@xxxxxxxxxx>
- Subject: Re: [PATCH net] can: can327: fix snprintf() limit in can327_handle_prompt()
- From: Max Staudt <max@xxxxxxxxx>
- Date: Tue, 19 Nov 2024 09:48:53 +0900
- Cc: Marc Kleine-Budde <mkl@xxxxxxxxxxxxxx>, Andrew Lunn <andrew+netdev@xxxxxxx>, "David S. Miller" <davem@xxxxxxxxxxxxx>, Eric Dumazet <edumazet@xxxxxxxxxx>, Jakub Kicinski <kuba@xxxxxxxxxx>, Paolo Abeni <pabeni@xxxxxxxxxx>, linux-can@xxxxxxxxxxxxxxx, netdev@xxxxxxxxxxxxxxx, linux-kernel@xxxxxxxxxxxxxxx, kernel-janitors@xxxxxxxxxxxxxxx
- In-reply-to: <e5572514-83d7-4b7e-b4f0-5318c6722250@stanley.mountain>
- References: <c896ba5d-7147-4978-9e25-86cfd88ff9dc@stanley.mountain> <6db4d783-6db2-4b86-887c-3c95d6763774@wanadoo.fr> <4ff913b9-93b3-4636-b0f6-6e874f813d2f@stanley.mountain> <9d6837c1-6fd1-4cc6-8315-c1ede8f20add@wanadoo.fr> <20241114-olive-petrel-of-culture-5ae519-mkl@pengutronix.de> <7841268c-c8dc-4db9-b2dd-c2c5fc366022@wanadoo.fr> <0c4ebaf0-a6c5-4852-939b-e7ac135f6f32@stanley.mountain> <7d4b176b-6b44-450b-ab2d-847e5199d1b9@wanadoo.fr> <e5572514-83d7-4b7e-b4f0-5318c6722250@stanley.mountain>
- User-agent: Mozilla Thunderbird
Hi all,
As promised, here is a patch cleaning up can327's payload "encoding"
(the hex dump part), plus a comment explaining why Dan's finding turned
out not to be security relevant. It's as Vincent already explained, plus
additional background information:
https://lore.kernel.org/linux-can/20241119003815.767004-1-max@xxxxxxxxx/T/
I've taken the liberty of not CC'ing the network maintainers on that
patch, hence this email with a pointer to it for anyone interested. In
the end, while it looked worrying at first, it ended up being just a
minor cleanup.
Thanks Dan for pointing out that ugly piece of code. I'd really like to
one day find the time to do some further cleanup, and especially further
commenting in order to reduce the bus factor, but oh well...
Max
[Index of Archives]
[Kernel Development]
[Kernel Announce]
[Kernel Newbies]
[Linux Networking Development]
[Share Photos]
[IDE]
[Security]
[Git]
[Netfilter]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Device Mapper]