| Message ID | 20231109085029.2079176-1-adeep@lexina.in |
|---|---|
| State | New |
| Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a59:b129:0:b0:403:3b70:6f57 with SMTP id q9csp301789vqs;
Thu, 9 Nov 2023 00:51:45 -0800 (PST)
X-Google-Smtp-Source:
AGHT+IGnMsrwUC+PeRG3GkpbxNr1lL/AjXkDHpxUpeuxTD5MeQtJ1hQV8SHqw4ieLZYcyVNAfiHw
X-Received: by 2002:a17:903:18f:b0:1cc:4a83:d839 with SMTP id
z15-20020a170903018f00b001cc4a83d839mr6535174plg.17.1699519904862;
Thu, 09 Nov 2023 00:51:44 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1699519904; cv=none;
d=google.com; s=arc-20160816;
b=zZMLdlOfUxqKj7MGmhRlN1C0kEPXIJr4TNk1pvST3ZqksEFTYzF7bY8VTZTKyesNHa
88Po24S+SRoIx14KWoN28voQR+LVLuL2N3jR66qgPMqT0UIm8iSH2aCj1AKU6G+Aeh89
+SRHo79Q2+xV/8A8X+LHxk7DdE3zDXVbX0GshvKDp7p7CNhV21nByMjGjJA2inGuD+PR
AQM1uueQSMqyzzLGLhZyFQ2dFrOcnisAmHIUMjhmLX86uwi+iVxXpxLNtAzjElyYJJ6y
qXH+8d1vFtGWFzkvHiJ/QSD+MhDhzesLWSMKIVHlZD+rYFCHeacOQtpFz3BGb2LShuQk
qb3g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20160816;
h=list-id:precedence:content-transfer-encoding:mime-version
:message-id:date:subject:to:from:dkim-signature;
bh=cD6HIvwS1+eD7lmzk4U069SbWiB68SgbaID0yXccmhM=;
fh=Bllhknq5mciwRt9/KlTV9ZyEB86DXiZLRo/zORr6zwc=;
b=q4br+uaQyruJVGlztb6BOKBWKxsiBv5/9AVhmV355g1rKIDaz6cbK+XUiN94lqIyOo
Ea5gGkV0HGmvMzVGtAIDUqUedHT5676f/yh0GWbZWMJc4+URVpZkJjRmJ9BxSBWEYgVp
aO1HMEjK77c8uN0vGCIhbny6GHm3S8wnf/8TKdjeny5GUm3hgakYOSmb89SUXTVYF5CW
yvQueQbrXMBTOC3jiiU1usCQQEE15/jHDJETLwj5JeU5LZXkWQWSptbVv5Qyqd/ra8Sj
wlXzUjQwKJSbM89z1wgDYMUpklqD5ZHzHlox9EWuSp+dQxMUAhNiKznMvj39bdzZpQEA
KwbA==
ARC-Authentication-Results: i=1; mx.google.com;
dkim=pass header.i=@lexina.in header.s=dkim header.b=aDZLp3j1;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::3:7 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=pass (p=QUARANTINE sp=REJECT dis=NONE) header.from=lexina.in
Received: from snail.vger.email (snail.vger.email. [2620:137:e000::3:7])
by mx.google.com with ESMTPS id
km7-20020a17090327c700b001c9fb3b55f0si3894176plb.652.2023.11.09.00.51.44
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Thu, 09 Nov 2023 00:51:44 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::3:7 as permitted sender)
client-ip=2620:137:e000::3:7;
Authentication-Results: mx.google.com;
dkim=pass header.i=@lexina.in header.s=dkim header.b=aDZLp3j1;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::3:7 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=pass (p=QUARANTINE sp=REJECT dis=NONE) header.from=lexina.in
Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0])
by snail.vger.email (Postfix) with ESMTP id 660D9802886D;
Thu, 9 Nov 2023 00:50:47 -0800 (PST)
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.103.11 at snail.vger.email
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
id S233653AbjKIIuj (ORCPT <rfc822;jaysivo@gmail.com> + 32 others);
Thu, 9 Nov 2023 03:50:39 -0500
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33432 "EHLO
lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
with ESMTP id S229697AbjKIIui (ORCPT
<rfc822;linux-kernel@vger.kernel.org>);
Thu, 9 Nov 2023 03:50:38 -0500
Received: from mx.msync.work (mx.msync.work [62.182.159.68])
by lindbergh.monkeyblade.net (Postfix) with ESMTPS id DA0C0210A;
Thu, 9 Nov 2023 00:50:35 -0800 (PST)
Received: from [127.0.0.1] (localhost [127.0.0.1]) by localhost (Mailerdaemon)
with ESMTPSA id 517661506C8;
Thu, 9 Nov 2023 08:50:32 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lexina.in; s=dkim;
t=1699519834; h=from:subject:date:message-id:to:mime-version:
content-transfer-encoding;
bh=cD6HIvwS1+eD7lmzk4U069SbWiB68SgbaID0yXccmhM=;
b=aDZLp3j11jfHj1w+dkJjDQmX75SXmjAGrwYH6Y+rWWJgRthl68IQSJ3K8OSASbFeTYp66O
/RK8a6rfbE0genlAmaLhir3mWSRvghogQ52JhRjFm30t3M296Z3zjqtd5pYUwVZzeP2EX7
vpTxg+7Hg5iJ7xu1HKGBB65gZZ3kjtUSQ8mmumz+oYmT8d4BKPyf0ZhRzc9YGVIc4vqkhS
PUylTPi1gEPSMk+Wzstc3R+giHWZgeWgAoemjqNTYq3/KRtgMUb3vuVzGnTVFt3xOtatL0
S+1tLvIYO1HHk4sIHdadttgBE0YDcnnXLIj5VnFVnvBlsOgjXwXRB8n7OVv9eQ==
From: Viacheslav Bocharov <adeep@lexina.in>
To: Neil Armstrong <neil.armstrong@linaro.org>,
Jerome Brunet <jbrunet@baylibre.com>,
Kevin Hilman <khilman@baylibre.com>,
Martin Blumenstingl <martin.blumenstingl@googlemail.com>,
linux-amlogic@lists.infradead.org,
linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org,
devicetree@vger.kernel.org
Subject: [PATCH] firmware: meson-sm: change sprintf to scnprintf
Date: Thu, 9 Nov 2023 11:50:29 +0300
Message-Id: <20231109085029.2079176-1-adeep@lexina.in>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Last-TLS-Session-Version: TLSv1.3
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-Greylist: Sender passed SPF test,
not delayed by milter-greylist-4.6.4 (snail.vger.email [0.0.0.0]);
Thu, 09 Nov 2023 00:50:47 -0800 (PST)
X-getmail-retrieved-from-mailbox: INBOX
X-GMAIL-THRID: 1782075783769089439
X-GMAIL-MSGID: 1782075783769089439
|
| Series |
firmware: meson-sm: change sprintf to scnprintf
|
|
Commit Message
Viacheslav
Nov. 9, 2023, 8:50 a.m. UTC
Update sprintf in serial_show frunction to scnprintf command to
prevent sysfs buffer overflow (buffer always is PAGE_SIZE bytes).
Signed-off-by: Viacheslav Bocharov <adeep@lexina.in>
---
drivers/firmware/meson/meson_sm.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Comments
From: Viacheslav Bocharov > Sent: 09 November 2023 08:50 > > Update sprintf in serial_show frunction to scnprintf command to > prevent sysfs buffer overflow (buffer always is PAGE_SIZE bytes). Isn't the correct function sysfs_emit() ? In any case that particular example can't possibly overflow. David > > Signed-off-by: Viacheslav Bocharov <adeep@lexina.in> > --- > drivers/firmware/meson/meson_sm.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/drivers/firmware/meson/meson_sm.c b/drivers/firmware/meson/meson_sm.c > index ed60f1103053..c1c694b485ee 100644 > --- a/drivers/firmware/meson/meson_sm.c > +++ b/drivers/firmware/meson/meson_sm.c > @@ -265,7 +265,7 @@ static ssize_t serial_show(struct device *dev, struct device_attribute *attr, > return ret; > } > > - ret = sprintf(buf, "%12phN\n", &id_buf[SM_CHIP_ID_OFFSET]); > + ret = scnprintf(buf, PAGE_SIZE, "%12phN\n", &id_buf[SM_CHIP_ID_OFFSET]); > > kfree(id_buf); > > -- > 2.34.1 - Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK Registration No: 1397386 (Wales)
Hi! On Thu, 2023-11-09 at 17:59 +0000, David Laight wrote: > From: Viacheslav Bocharov > > Sent: 09 November 2023 08:50 > > > > Update sprintf in serial_show frunction to scnprintf command to > > prevent sysfs buffer overflow (buffer always is PAGE_SIZE bytes). > > Isn't the correct function sysfs_emit() ? Good catch. There's always something new to find) > In any case that particular example can't possibly overflow. Practically in this example, I agree. But nevertheless, ideologically, a pointer to the buffer is passed to the function, but its size is not passed. This may cause an overflow error when making changes in the code. Yes, the lengths of %12phN and PAGE_SIZE are very different at the moment. But what happens if both of these numbers change unpredictably in future changes? > David > > > > > Signed-off-by: Viacheslav Bocharov <adeep@lexina.in> > > --- > > drivers/firmware/meson/meson_sm.c | 2 +- > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > diff --git a/drivers/firmware/meson/meson_sm.c b/drivers/firmware/meson/meson_sm.c > > index ed60f1103053..c1c694b485ee 100644 > > --- a/drivers/firmware/meson/meson_sm.c > > +++ b/drivers/firmware/meson/meson_sm.c > > @@ -265,7 +265,7 @@ static ssize_t serial_show(struct device *dev, struct device_attribute *attr, > > return ret; > > } > > > > - ret = sprintf(buf, "%12phN\n", &id_buf[SM_CHIP_ID_OFFSET]); > > + ret = scnprintf(buf, PAGE_SIZE, "%12phN\n", &id_buf[SM_CHIP_ID_OFFSET]); > > > > kfree(id_buf); > > > > -- > > 2.34.1 > > - > Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK > Registration No: 1397386 (Wales) > > > _______________________________________________ > linux-amlogic mailing list > linux-amlogic@lists.infradead.org > http://lists.infradead.org/mailman/listinfo/linux-amlogic
diff --git a/drivers/firmware/meson/meson_sm.c b/drivers/firmware/meson/meson_sm.c index ed60f1103053..c1c694b485ee 100644 --- a/drivers/firmware/meson/meson_sm.c +++ b/drivers/firmware/meson/meson_sm.c @@ -265,7 +265,7 @@ static ssize_t serial_show(struct device *dev, struct device_attribute *attr, return ret; } - ret = sprintf(buf, "%12phN\n", &id_buf[SM_CHIP_ID_OFFSET]); + ret = scnprintf(buf, PAGE_SIZE, "%12phN\n", &id_buf[SM_CHIP_ID_OFFSET]); kfree(id_buf);