Re: [PATCH] dev/parport: fix the array out-of-bounds risk

From: Greg KH
Date: Thu Jul 04 2024 - 06:08:03 EST

Next message: Johan Hovold: "Re: [PATCH 2/3] serial: qcom-geni: fix soft lockup on sw flow control and suspend"
Previous message: Marc Kleine-Budde: "Re: [PATCH v2 1/1] dt-bindings: can: fsl,flexcan: add common 'can-transceiver' for fsl,flexcan"
In reply to: tuhaowen: "[PATCH] dev/parport: fix the array out-of-bounds risk"
Next in thread: tuhaowen: "Re: Re: [PATCH] dev/parport: fix the array out-of-bounds risk"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Jun 26, 2024 at 10:11:36AM +0800, tuhaowen wrote:
> The array buffer size is 20 bytes.
> When executing code in a 64-bit CPU environment, up to 42 bytes of
> data will be written into this array
> (the size of "%lu\t%lu\n" is 20 + 1 + 20 + 1).
>
> In fact, this line of code for 32-bit CPUs also has the risk of
> crossing the boundary, but it can exceed 2 bytes at most. With good
> luck, it is local variables that are damaged, and there are no serious
> consequences.

Usually because no one actually has this hardware anymore :)

Can you also properly test the buffer size when writing into it so that
even if the math is incorrect, it will not overflow?

thanks,

greg k-h

Next message: Johan Hovold: "Re: [PATCH 2/3] serial: qcom-geni: fix soft lockup on sw flow control and suspend"
Previous message: Marc Kleine-Budde: "Re: [PATCH v2 1/1] dt-bindings: can: fsl,flexcan: add common 'can-transceiver' for fsl,flexcan"
In reply to: tuhaowen: "[PATCH] dev/parport: fix the array out-of-bounds risk"
Next in thread: tuhaowen: "Re: Re: [PATCH] dev/parport: fix the array out-of-bounds risk"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]