* [PATCH] bcache: Use scnprintf() for avoiding potential buffer overflow
@ 2020-03-11 7:45 Takashi Iwai
2020-03-19 15:58 ` Takashi Iwai
0 siblings, 1 reply; 5+ messages in thread
From: Takashi Iwai @ 2020-03-11 7:45 UTC (permalink / raw)
To: Coly Li, Kent Overstreet; +Cc: linux-bcache
Since snprintf() returns the would-be-output size instead of the
actual output size, the succeeding calls may go beyond the given
buffer limit. Fix it by replacing with scnprintf().
Signed-off-by: Takashi Iwai <tiwai@suse.de>
---
drivers/md/bcache/sysfs.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/md/bcache/sysfs.c b/drivers/md/bcache/sysfs.c
index 3470fae4eabc..323276994aab 100644
--- a/drivers/md/bcache/sysfs.c
+++ b/drivers/md/bcache/sysfs.c
@@ -154,7 +154,7 @@ static ssize_t bch_snprint_string_list(char *buf,
size_t i;
for (i = 0; list[i]; i++)
- out += snprintf(out, buf + size - out,
+ out += scnprintf(out, buf + size - out,
i == selected ? "[%s] " : "%s ", list[i]);
out[-1] = '\n';
--
2.16.4
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [PATCH] bcache: Use scnprintf() for avoiding potential buffer overflow
2020-03-11 7:45 [PATCH] bcache: Use scnprintf() for avoiding potential buffer overflow Takashi Iwai
@ 2020-03-19 15:58 ` Takashi Iwai
2020-03-19 16:27 ` Coly Li
0 siblings, 1 reply; 5+ messages in thread
From: Takashi Iwai @ 2020-03-19 15:58 UTC (permalink / raw)
To: Coly Li, Kent Overstreet; +Cc: linux-bcache
On Wed, 11 Mar 2020 08:45:58 +0100,
Takashi Iwai wrote:
>
> Since snprintf() returns the would-be-output size instead of the
> actual output size, the succeeding calls may go beyond the given
> buffer limit. Fix it by replacing with scnprintf().
>
> Signed-off-by: Takashi Iwai <tiwai@suse.de>
A gentle reminder for this forgotten patch.
Let me know if any further changes are needed.
thanks,
Takashi
> ---
> drivers/md/bcache/sysfs.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/md/bcache/sysfs.c b/drivers/md/bcache/sysfs.c
> index 3470fae4eabc..323276994aab 100644
> --- a/drivers/md/bcache/sysfs.c
> +++ b/drivers/md/bcache/sysfs.c
> @@ -154,7 +154,7 @@ static ssize_t bch_snprint_string_list(char *buf,
> size_t i;
>
> for (i = 0; list[i]; i++)
> - out += snprintf(out, buf + size - out,
> + out += scnprintf(out, buf + size - out,
> i == selected ? "[%s] " : "%s ", list[i]);
>
> out[-1] = '\n';
> --
> 2.16.4
>
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] bcache: Use scnprintf() for avoiding potential buffer overflow
2020-03-19 15:58 ` Takashi Iwai
@ 2020-03-19 16:27 ` Coly Li
2020-03-19 16:28 ` Takashi Iwai
0 siblings, 1 reply; 5+ messages in thread
From: Coly Li @ 2020-03-19 16:27 UTC (permalink / raw)
To: Takashi Iwai; +Cc: Kent Overstreet, linux-bcache
On 2020/3/19 11:58 下午, Takashi Iwai wrote:
> On Wed, 11 Mar 2020 08:45:58 +0100,
> Takashi Iwai wrote:
>>
>> Since snprintf() returns the would-be-output size instead of the
>> actual output size, the succeeding calls may go beyond the given
>> buffer limit. Fix it by replacing with scnprintf().
>>
>> Signed-off-by: Takashi Iwai <tiwai@suse.de>
>
> A gentle reminder for this forgotten patch.
> Let me know if any further changes are needed.
>
Hi Takashi,
This is in my for-next list already. Sorry for not reply you yet, just
busy on the testing with combined with md raid backend.
Thanks.
Coly Li
>> ---
>> drivers/md/bcache/sysfs.c | 2 +-
>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/drivers/md/bcache/sysfs.c b/drivers/md/bcache/sysfs.c
>> index 3470fae4eabc..323276994aab 100644
>> --- a/drivers/md/bcache/sysfs.c
>> +++ b/drivers/md/bcache/sysfs.c
>> @@ -154,7 +154,7 @@ static ssize_t bch_snprint_string_list(char *buf,
>> size_t i;
>>
>> for (i = 0; list[i]; i++)
>> - out += snprintf(out, buf + size - out,
>> + out += scnprintf(out, buf + size - out,
>> i == selected ? "[%s] " : "%s ", list[i]);
>>
>> out[-1] = '\n';
>> --
>> 2.16.4
>>
--
Coly Li
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] bcache: Use scnprintf() for avoiding potential buffer overflow
2020-03-19 16:27 ` Coly Li
@ 2020-03-19 16:28 ` Takashi Iwai
2020-03-19 16:32 ` Coly Li
0 siblings, 1 reply; 5+ messages in thread
From: Takashi Iwai @ 2020-03-19 16:28 UTC (permalink / raw)
To: Coly Li; +Cc: Kent Overstreet, linux-bcache
On Thu, 19 Mar 2020 17:27:47 +0100,
Coly Li wrote:
>
> On 2020/3/19 11:58 下午, Takashi Iwai wrote:
> > On Wed, 11 Mar 2020 08:45:58 +0100,
> > Takashi Iwai wrote:
> >>
> >> Since snprintf() returns the would-be-output size instead of the
> >> actual output size, the succeeding calls may go beyond the given
> >> buffer limit. Fix it by replacing with scnprintf().
> >>
> >> Signed-off-by: Takashi Iwai <tiwai@suse.de>
> >
> > A gentle reminder for this forgotten patch.
> > Let me know if any further changes are needed.
> >
>
> Hi Takashi,
>
> This is in my for-next list already. Sorry for not reply you yet, just
> busy on the testing with combined with md raid backend.
OK, thanks. I just wondered because it didn't appear on linux-next,
either.
Takashi
>
> Thanks.
>
> Coly Li
>
> >> ---
> >> drivers/md/bcache/sysfs.c | 2 +-
> >> 1 file changed, 1 insertion(+), 1 deletion(-)
> >>
> >> diff --git a/drivers/md/bcache/sysfs.c b/drivers/md/bcache/sysfs.c
> >> index 3470fae4eabc..323276994aab 100644
> >> --- a/drivers/md/bcache/sysfs.c
> >> +++ b/drivers/md/bcache/sysfs.c
> >> @@ -154,7 +154,7 @@ static ssize_t bch_snprint_string_list(char *buf,
> >> size_t i;
> >>
> >> for (i = 0; list[i]; i++)
> >> - out += snprintf(out, buf + size - out,
> >> + out += scnprintf(out, buf + size - out,
> >> i == selected ? "[%s] " : "%s ", list[i]);
> >>
> >> out[-1] = '\n';
> >> --
> >> 2.16.4
> >>
>
>
> --
>
> Coly Li
>
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] bcache: Use scnprintf() for avoiding potential buffer overflow
2020-03-19 16:28 ` Takashi Iwai
@ 2020-03-19 16:32 ` Coly Li
0 siblings, 0 replies; 5+ messages in thread
From: Coly Li @ 2020-03-19 16:32 UTC (permalink / raw)
To: Takashi Iwai; +Cc: Kent Overstreet, linux-bcache
On 2020/3/20 12:28 上午, Takashi Iwai wrote:
> On Thu, 19 Mar 2020 17:27:47 +0100,
> Coly Li wrote:
>>
>> On 2020/3/19 11:58 下午, Takashi Iwai wrote:
>>> On Wed, 11 Mar 2020 08:45:58 +0100,
>>> Takashi Iwai wrote:
>>>>
>>>> Since snprintf() returns the would-be-output size instead of the
>>>> actual output size, the succeeding calls may go beyond the given
>>>> buffer limit. Fix it by replacing with scnprintf().
>>>>
>>>> Signed-off-by: Takashi Iwai <tiwai@suse.de>
>>>
>>> A gentle reminder for this forgotten patch.
>>> Let me know if any further changes are needed.
>>>
>>
>> Hi Takashi,
>>
>> This is in my for-next list already. Sorry for not reply you yet, just
>> busy on the testing with combined with md raid backend.
>
> OK, thanks. I just wondered because it didn't appear on linux-next,
> either.
I don't submit the patch set to Jens yet, because my local testing not
finished yet. Hopefully it may finish in next 2 days.
--
Coly Li
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2020-03-19 16:32 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-03-11 7:45 [PATCH] bcache: Use scnprintf() for avoiding potential buffer overflow Takashi Iwai
2020-03-19 15:58 ` Takashi Iwai
2020-03-19 16:27 ` Coly Li
2020-03-19 16:28 ` Takashi Iwai
2020-03-19 16:32 ` Coly Li
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.