Re: [PATCH net-next] ptp: ocp: fix sprintf overflow in ptp_ocp_verify()

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Dan Carpenter <dan.carpenter@oracle.com>
To: Jonathan Lemon <jonathan.lemon@gmail.com>
Cc: Richard Cochran <richardcochran@gmail.com>,
	"David S. Miller" <davem@davemloft.net>,
	netdev@vger.kernel.org, kernel-janitors@vger.kernel.org
Subject: Re: [PATCH net-next] ptp: ocp: fix sprintf overflow in ptp_ocp_verify()
Date: Fri, 18 Mar 2022 10:45:04 +0300	[thread overview]
Message-ID: <20220318074504.GD3293@kadam> (raw)
In-Reply-To: <20220317170449.qxcf4yi4rzlgbwzu@bsd-mbp.dhcp.thefacebook.com>

On Thu, Mar 17, 2022 at 10:04:49AM -0700, Jonathan Lemon wrote:
> On Thu, Mar 17, 2022 at 10:59:57AM +0300, Dan Carpenter wrote:
> > The "chan" value comes from the user via sysfs.  A large like UINT_MAX
> > could overflow the buffer by three bytes.  Make the buffer larger and
> > use snprintf() instead of sprintf().
> > 
> > Fixes: 1aa66a3a135a ("ptp: ocp: Program the signal generators via PTP_CLK_REQ_PEROUT")
> > Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
> 
> This needs to be respun to catch up with the last patch.

Thanks.  It turns out you can't actually trigger this bug.  Still using
snprintf() is better so I will resend.

regards,
dan carpenter

     prev parent reply	other threads:[~2022-03-18  7:45 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-03-17  7:59 [PATCH net-next] ptp: ocp: fix sprintf overflow in ptp_ocp_verify() Dan Carpenter
2022-03-17 17:04 ` Jonathan Lemon
2022-03-18  7:45   ` Dan Carpenter [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20220318074504.GD3293@kadam \
    --to=dan.carpenter@oracle.com \
    --cc=davem@davemloft.net \
    --cc=jonathan.lemon@gmail.com \
    --cc=kernel-janitors@vger.kernel.org \
    --cc=netdev@vger.kernel.org \
    --cc=richardcochran@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.