On 11/5/19 1:48 AM, Jan Kara wrote:
@@ -228,11 +228,11 @@ static int afs_xattr_get_yfs(const struct xattr_handler *handler,
break;
case 1:
data = buf;
- dsize = snprintf(buf, sizeof(buf), "%u", yacl->inherit_flag);
+ dsize = scnprintf(buf, sizeof(buf), "%u", yacl->inherit_flag);
break;
case 2:
data = buf;
- dsize = snprintf(buf, sizeof(buf), "%u", yacl->num_cleaned);
+ dsize = scnprintf(buf, sizeof(buf), "%u", yacl->num_cleaned);
break;
case 3:
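Review bot: dsize in cases 1 and 2 is assigned directly from the formatter's return value, so swapping snprintf for scnprintf changes what dsize holds on truncation. snprintf returns the length the output would have had, while scnprintf returns the number of characters actually stored in buf. That is a behavioural change rather than a cleanup and should go in its own commit with a message that says so. The declaration of buf and the later use of dsize are outside this hunk, so that commit should state the buffer size and confirm nothing downstream relied on the old return value.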
These scnprintf() changes (and there are more in the patch) probably
shouldn't be here... Otherwise the patch still looks good to me :).
Honza
Good catch, they were done in locality; I forgot about them. This patch
series has been living for almost a year now and time has become its
enemy ... will spin this as a separate patch. They strike me as a security
issue with the possibility of fragile UAF when the code is maintained by
future selves.
-- Mark