From: Ulf Hansson <ulf.hansson@linaro.org>
To: Sergey Shtylyov <s.shtylyov@omp.ru>
Cc: linux-mmc@vger.kernel.org
Subject: Re: [PATCH v2] mmc: core: use sysfs_emit() in #define sdio_info_attr()
Date: Mon, 31 Jan 2022 17:14:18 +0100 [thread overview]
Message-ID: <CAPDyKFpCH_0Hiq_FhmoUdgY0BXfnK0=jdB+zHQ8e16WKFNJfjA@mail.gmail.com> (raw)
In-Reply-To: <b0d9cdda-33f3-1eb0-a76e-26125089e5c5@omp.ru>
On Thu, 27 Jan 2022 at 22:01, Sergey Shtylyov <s.shtylyov@omp.ru> wrote:
>
> sprintf() (still used in #define sdio_info_attr()) is vulnerable to the
> buffer overflow. Use the new-fangled sysfs_emit() instead.
>
> While at it, add spaces around the minus sign...
>
> Found by Linux Verification Center (linuxtesting.org) with the SVACE static
> analysis tool.
>
> Signed-off-by: Sergey Shtylyov <s.shtylyov@omp.ru>
Thanks for fixing this!
However, rather than applying these piece by piece, would you mind
squashing these "sysfs_emit" fixes into one patch for the mmc core? It
would be easier for me to handle - and it should still be an easy
backport, I think.
Kind regards
Uffe
>
> ---
> This patch is against the 'next' branch of Ulf Hansson's 'mmc.git' repo.
>
> Changes in version 2:
> - added the same macro change in drivers/mmc/corfe/sdio[_bus].c;
> - updated the patch subject.
>
> drivers/mmc/core/sd.c | 4 ++--
> drivers/mmc/core/sdio.c | 4 ++--
> drivers/mmc/core/sdio_bus.c | 4 ++--
> 3 files changed, 6 insertions(+), 6 deletions(-)
>
> Index: mmc/drivers/mmc/core/sd.c
> ===================================================================
> --- mmc.orig/drivers/mmc/core/sd.c
> +++ mmc/drivers/mmc/core/sd.c
> @@ -735,9 +735,9 @@ static ssize_t info##num##_show(struct d
> \
> if (num > card->num_info) \
> return -ENODATA; \
> - if (!card->info[num-1][0]) \
> + if (!card->info[num - 1][0]) \
> return 0; \
> - return sprintf(buf, "%s\n", card->info[num-1]); \
> + return sysfs_emit(buf, "%s\n", card->info[num - 1]); \
> } \
> static DEVICE_ATTR_RO(info##num)
>
> Index: mmc/drivers/mmc/core/sdio.c
> ===================================================================
> --- mmc.orig/drivers/mmc/core/sdio.c
> +++ mmc/drivers/mmc/core/sdio.c
> @@ -40,9 +40,9 @@ static ssize_t info##num##_show(struct d
> \
> if (num > card->num_info) \
> return -ENODATA; \
> - if (!card->info[num-1][0]) \
> + if (!card->info[num - 1][0]) \
> return 0; \
> - return sprintf(buf, "%s\n", card->info[num-1]); \
> + return sysfs_emit(buf, "%s\n", card->info[num - 1]); \
> } \
> static DEVICE_ATTR_RO(info##num)
>
> Index: mmc/drivers/mmc/core/sdio_bus.c
> ===================================================================
> --- mmc.orig/drivers/mmc/core/sdio_bus.c
> +++ mmc/drivers/mmc/core/sdio_bus.c
> @@ -52,9 +52,9 @@ static ssize_t info##num##_show(struct d
> \
> if (num > func->num_info) \
> return -ENODATA; \
> - if (!func->info[num-1][0]) \
> + if (!func->info[num - 1][0]) \
> return 0; \
> - return sprintf(buf, "%s\n", func->info[num-1]); \
> + return sysfs_emit(buf, "%s\n", func->info[num - 1]); \
> } \
> static DEVICE_ATTR_RO(info##num)
>
next prev parent reply other threads:[~2022-01-31 16:14 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-01-27 21:01 [PATCH v2] mmc: core: use sysfs_emit() in #define sdio_info_attr() Sergey Shtylyov
2022-01-31 16:14 ` Ulf Hansson [this message]
2022-02-07 20:08 ` Sergey Shtylyov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAPDyKFpCH_0Hiq_FhmoUdgY0BXfnK0=jdB+zHQ8e16WKFNJfjA@mail.gmail.com' \
--to=ulf.hansson@linaro.org \
--cc=linux-mmc@vger.kernel.org \
--cc=s.shtylyov@omp.ru \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.