From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754195AbdBVFty (ORCPT ); Wed, 22 Feb 2017 00:49:54 -0500 Received: from mailout4.samsung.com ([203.254.224.34]:56681 "EHLO mailout4.samsung.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750890AbdBVFtq (ORCPT ); Wed, 22 Feb 2017 00:49:46 -0500 X-AuditID: b6c32a2e-f79d66d0000012ad-d5-58ad26776ca3 Subject: Re: [PATCH v2 1/2] usbip: Fix-format-overflow To: Jonathan Dieter , linux-kernel@vger.kernel.org Cc: Valentina Manea , Shuah Khan , Peter Senna Tschudin , Greg Kroah-Hartman , "open list:USB OVER IP DRIVER" From: Krzysztof Opasiak Message-id: Date: Wed, 22 Feb 2017 06:49:40 +0100 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.7.0 MIME-version: 1.0 In-reply-to: <20170221175713.18707-1-jdieter@lesbg.com> Content-type: text/plain; charset=iso-8859-2; format=flowed Content-transfer-encoding: 7bit X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFprMKsWRmVeSWpSXmKPExsWy7bCmlm652toIg64ZshbNi9ezWVy/c5zN 4vKuOWwWi5a1Mlt8e9vJaDHl5Tp2i3eX5rI7sHvsnHWX3WPTqk42j73PZDz2z13D7vF5k1wA axSXTUpqTmZZapG+XQJXxr7bFxgLWnkrus8+Y21gfMjVxcjJISFgItH19SYjhC0mceHeerYu Ri4OIYGljBLHXlxlh3DamSQ+XlvDAtNxvvkmM0RiOaPEqVmvoKruM0pMmXiXHaRKWMBM4s+5 D8wgtoiAq8SfqU1gc5kFPjJKPDl2hKmLkYODTUBfYt4uUZAaXgE7iZ3b9rOAhFkEVCWu7aoE CYsKxEi8nveXHaJEUOLH5HtgR3AKmEu83/CYCcRmFrCXeH53JiuELS+xec1bsOMkBJaxS+w4 3s4OMlNCQFZi0wFmiAdcJKa8O8YOYQtLvDq+BcqWlvi79BYjRG8zo0THnmcsEM4ERolt6w5B VVlL/Fk1kQ1iG59E7+8nTBALeCU62oQgSjwknh5bClXuKPHr31QmSABtZJSYtWUD6wRG+VlI HpqF5IlZSJ5YwMi8ilEstaA4Nz212LTAWK84Mbe4NC9dLzk/dxMjOKlo6e1g/LfA+xCjAAej Eg/vhfNrIoRYE8uKK3MPMUpwMCuJ8HYqrY0Q4k1JrKxKLcqPLyrNSS0+xCjNwaIkzhtlMDFC SCA9sSQ1OzW1ILUIJsvEwSnVwLj21Q6/t0qiWpu/F7u6RAnUbjRiqeyY9XKzzff/S2I+vz2r ///2ZU+7PWI5O1a9PPMm2sPj+cqJQdNm2Ocb2jxsr+DZrfKg3FfR5pp8Wxuzyqnw7jLFTRdF FNMsRY53z7oZIdhey6Gwpl1p0zPu9f6M15nLltgWrLOveV3i1vTG7kCJQK+uvhJLcUaioRZz UXEiAPyAcHkmAwAA X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFtrCIsWRmVeSWpSXmKPExsVy+t9jAd0ytbURBqdmGlo0L17PZnH9znE2 i8u75rBZLFrWymzx7W0no8WUl+vYLd5dmsvuwO6xc9Zddo9NqzrZPPY+k/HYP3cNu8fnTXIB rFFuNhmpiSmpRQqpecn5KZl56bZKoSFuuhZKCnmJuam2ShG6viFBSgpliTmlQJ6RARpwcA5w D1bSt0twy9h3+wJjQStvRffZZ6wNjA+5uhg5OSQETCTON99khrDFJC7cW8/WxcjFISSwlFFi x7O3LBDOQ0aJ+ROWgVUJC5hJ/Dn3AcwWEXCV+DO1CapjI6PEhOkfWUEcZoGPjBJf7/wGquLg YBPQl5i3SxSkgVfATmLntv0sIGEWAVWJa7sqQcKiAjESL/esYoEoEZT4MfkemM0pYC7xfsNj JhCbWcBa4tmRh6wQtrzE5jVvmScwCsxC0jILSdksJGULGJlXMUqkFiQXFCel5xrlpZbrFSfm Fpfmpesl5+duYgTH2DPpHYyHd7kfYhTgYFTi4X3gviZCiDWxrLgy9xCjBAezkghvp9LaCCHe lMTKqtSi/Pii0pzU4kOMpkB/TGSWEk3OB8Z/Xkm8oYm5ibmxgYW5paWJkZI4b+PsZ+FCAumJ JanZqakFqUUwfUwcnFINjHskOsxK+Rfs+PVB/fG6dwXz9Oe0RzOW8ivc2fFpXchyDxfPGy4v fNZpHJc79/Cqy8bt3fXmdzZfv2jQv+7J7Iia6Lml0QUfuoO21W0zT1oaseDpIU5h8akrSzku 7djhMG9jbuG/vI1aswrXFIVlGXa8VMv5xfzRofYiK7twCkPrdfcd2i6a65VYijMSDbWYi4oT AezRYDLHAgAA X-MTR: 20000000000000000@CPGS X-CMS-MailID: 20170222054942epcas5p240afe41bdfa1664efbf1bcf4861e3fa8 X-Msg-Generator: CA X-Sender-IP: 203.254.230.27 X-Local-Sender: =?UTF-8?B?S3J6eXN6dG9mIE9wYXNpYWsbU1JQT0wtU3lzdGVtIChUUCkb?= =?UTF-8?B?7IK87ISx7KCE7J6QG1NvZnR3YXJlIEVuZ2luZWVy?= X-Global-Sender: =?UTF-8?B?S3J6eXN6dG9mIE9wYXNpYWsbU1JQT0wtU3lzdGVtIChUUCkb?= =?UTF-8?B?U2Ftc3VuZ8KgRWxlY3Ryb25pY3MbU29mdHdhcmUgRW5naW5lZXI=?= X-Sender-Code: =?UTF-8?B?QzEwG0VIURtDMTBDRDAyQ0QwMjczOTY=?= CMS-TYPE: 105P X-HopCount: 7 X-CMS-RootMailID: 20170221175748epcas4p4f1fd0bfc11a0b8a65c2977085eec2255 X-RootMTR: 20170221175748epcas4p4f1fd0bfc11a0b8a65c2977085eec2255 References: <1487699421.13719.2.camel@lesbg.com> <20170221175713.18707-1-jdieter@lesbg.com> Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi, W dniu 2017-02-21 o 18:57, Jonathan Dieter pisze: > The usbip userspace tools call sprintf()/snprintf() and don't check for > the return value which can lead the paths to overflow, truncating the > final file in the path. > > More urgently, GCC 7 now warns that these aren't checked with > -Wformat-overflow, and with -Werror enabled in configure.ac, that makes > these tools unbuildable. > > This patch fixes these problems by replacing sprintf() with snprintf() in > one place and adding checks for the return value of snprintf(). > > Reviewed-by: Peter Senna Tschudin > Signed-off-by: Jonathan Dieter > --- > tools/usb/usbip/libsrc/usbip_common.c | 8 +++++++- > tools/usb/usbip/libsrc/usbip_host_common.c | 25 ++++++++++++++++++++----- > 2 files changed, 27 insertions(+), 6 deletions(-) > > diff --git a/tools/usb/usbip/libsrc/usbip_common.c b/tools/usb/usbip/libsrc/usbip_common.c > index ac73710..01dd4b2 100644 > --- a/tools/usb/usbip/libsrc/usbip_common.c > +++ b/tools/usb/usbip/libsrc/usbip_common.c > @@ -215,9 +215,15 @@ int read_usb_interface(struct usbip_usb_device *udev, int i, > struct usbip_usb_interface *uinf) > { > char busid[SYSFS_BUS_ID_SIZE]; > + unsigned int size; I'm not really convinced to use unsigned here. snprintf() is declared to return signed integer so we should assume that some of its implementation may return negative error code. Any rationale to this instead of just doing a cast for comparsion but signed value to print error? Best regards -- Krzysztof Opasiak Samsung R&D Institute Poland Samsung Electronics