Re: [PATCH v3] ipr: fix out-of-bounds null overwrite

From: Martin K. Petersen
Date: Thu Jan 07 2016 - 21:52:38 EST

Next message: Masahiro Yamada: "range operation of outer cache when start >= end?"
Previous message: Joonsoo Kim: "Re: [PATCH 2/2] mm/compaction: speed up pageblock_pfn_to_page() when zone is contiguous"
In reply to: Seymour, Shane M: "RE: [PATCH v3] ipr: fix out-of-bounds null overwrite"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

>>>>> "Insu" == Insu Yun <wuninsu@xxxxxxxxx> writes:

Insu> Return value of snprintf is not bound by size value, 2nd argument.
Insu> (https://www.kernel.org/doc/htmldocs/kernel-api/API-snprintf.html).
Insu> Return value is number of printed chars, can be larger than 2nd
Insu> argument. Therefore, it can write null byte out of bounds
Insu> ofbuffer. Since snprintf puts null, it does not need to put
Insu> additional null byte.

Applied to 4.5/scsi-queue.

--
Martin K. Petersen Oracle Linux Engineering

Next message: Masahiro Yamada: "range operation of outer cache when start >= end?"
Previous message: Joonsoo Kim: "Re: [PATCH 2/2] mm/compaction: speed up pageblock_pfn_to_page() when zone is contiguous"
In reply to: Seymour, Shane M: "RE: [PATCH v3] ipr: fix out-of-bounds null overwrite"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]