tracing: use correct string size for snprintf
in [Kernel]
|
From: Steven Rostedt on 15 Jun 2010 17:00 On Tue, 2010-06-15 at 12:29 -0400, Chase Douglas wrote: > The nsecs_str string is a local variable defined as: > > char nsecs_str[5]; > > It is possible for the snprintf call to use a size value larger than the > size of the string. This should not cause a buffer overrun as it is > written now due to the maximum size of the string format. However, this > change makes it correct. By making the size correct we guard against > potential future changes that could actually cause a buffer overrun. > > Cc: stable(a)kernel.org I see that because nsecs_str is based off of nsecs_rem which is the remainder of a division of a 1000, that it wont ever be more than 4 in length. For this, I'll remove the "Cc: stable" part and queue it for 36. No urgent need for now. But I still think it should be added, just because it looks to fragile to have what is in the kernel now. Thanks! -- Steve > Signed-off-by: Chase Douglas <chase.douglas(a)canonical.com> > --- > kernel/trace/trace_functions_graph.c | 3 ++- > 1 files changed, 2 insertions(+), 1 deletions(-) > > diff --git a/kernel/trace/trace_functions_graph.c b/kernel/trace/trace_functions_graph.c > index 79f4bac..73d6bd1 100644 > --- a/kernel/trace/trace_functions_graph.c > +++ b/kernel/trace/trace_functions_graph.c > @@ -641,7 +641,8 @@ trace_print_graph_duration(unsigned long long duration, struct trace_seq *s) > > /* Print nsecs (we don't want to exceed 7 numbers) */ > if (len < 7) { > - snprintf(nsecs_str, 8 - len, "%03lu", nsecs_rem); > + snprintf(nsecs_str, min(sizeof(nsecs_str), 8 - len), "%03lu", > + nsecs_rem); > ret = trace_seq_printf(s, ".%s", nsecs_str); > if (!ret) > return TRACE_TYPE_PARTIAL_LINE; -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo(a)vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
|
Pages: 1 Prev: [PATCH] MAINTAINERS: Change BCMRING maintainer Next: [git pull] OF and powerpc 5200 bug fixes. |