Re: [PATCH] kernel/cpu: fix: use scnprintf or sprintf.

From: Qais Yousef
Date: Wed Dec 23 2020 - 08:30:17 EST


Hi Yang

'or sprintf' in the subject line doesn't make much sense for what's done in
this patch. Perhaps you meant "Use scnprintf instead of snprintf"?

On 12/22/20 17:11, YANG LI wrote:
> The snprintf() function returns the number of characters which would
> have been printed if there were enough space, but the scnprintf()
> returns the number of characters which were actually printed. If the
> buffer is not large enough, then using snprintf() would result in a
> read overflow and an information leak.
>
> Signed-off-by: YANG LI <abaci-bugfix@xxxxxxxxxxxxxxxxx>
> Reported-by: Abaci <abaci@xxxxxxxxxxxxxxxxx>

Two different yet very similar email addresses, it seems both are you? The
Reported-by is unnecessary.

> ---
> kernel/cpu.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/kernel/cpu.c b/kernel/cpu.c
> index 4e11e91..c123741 100644
> --- a/kernel/cpu.c
> +++ b/kernel/cpu.c
> @@ -2345,7 +2345,7 @@ static ssize_t show_cpuhp_states(struct device *dev,
> {
> const char *state = smt_states[cpu_smt_control];
>
> - return snprintf(buf, PAGE_SIZE - 2, "%s\n", state);
> + return scnprintf(buf, PAGE_SIZE - 2, "%s\n", state);
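
Review bot: the bound `PAGE_SIZE - 2` on the changed `return` line is carried over unchanged and is worth justifying or dropping. The newline is already part of the `"%s\n"` format and scnprintf() accounts for the terminating NUL inside the size it is given, so nothing in the visible lines explains the extra two bytes. Since this is a show callback returning `ssize_t` for a `struct device`, consider `return sysfs_emit(buf, "%s\n", state);`, which applies the PAGE_SIZE limit itself and returns the number of bytes actually written. The commit message could also say that the risk lies in handing the snprintf() return value back to the caller as the output length.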

show_cpuhp_states() doesn't have snprintf() in Linus' master. Which tree is
this based on?

I can see two snprintf() in cpu.c, show_smt_active/control().

Mind resending to fix them both?

Thanks

--
Qais Yousef
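
The return-value difference described in the quoted commit message, as an added userspace example that is not part of the original mail or of the kernel source. `demo_scnprintf()` is a hypothetical stand-in for the kernel's scnprintf(), and the 8-byte buffer and the sample state string are constructed for illustration.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical userspace stand-in for the kernel's scnprintf(): returns the
 * number of characters actually stored in buf, excluding the trailing NUL. */
static int demo_scnprintf(char *buf, size_t size, const char *fmt, ...)
{
    va_list args;
    int n;

    if (size == 0)
        return 0;
    va_start(args, fmt);
    n = vsnprintf(buf, size, fmt, args);
    va_end(args);
    if (n < 0)
        return 0;
    /* Clamp the "would have written" length to what fits in the buffer. */
    return (size_t)n < size ? n : (int)(size - 1);
}

/* Length a show()-style callback would report when it returns snprintf(). */
static int reported_len_snprintf(char *buf, size_t size, const char *state)
{
    return snprintf(buf, size, "%s\n", state);
}

/* Same callback shape, returning the clamped length instead. */
static int reported_len_scnprintf(char *buf, size_t size, const char *state)
{
    return demo_scnprintf(buf, size, "%s\n", state);
}

int main(void)
{
    char buf[8];                          /* constructed: deliberately small */
    const char *state = "notsupported";   /* constructed sample, 12 chars */
    int a = reported_len_snprintf(buf, sizeof(buf), state);
    int b = reported_len_scnprintf(buf, sizeof(buf), state);

    /* A caller that copies 'a' bytes out of buf would read past its end. */
    printf("snprintf  reports %d, buffer holds %zu\n", a, strlen(buf));
    printf("scnprintf reports %d, buffer holds %zu\n", b, strlen(buf));
    return 0;
}
```

When the string fits, both functions report the same length; they differ only on truncation, which is the case where a caller that trusts the returned length reads beyond the buffer.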