From: kernel test robot <lkp@intel.com>
To: Nicolas Pitre <npitre@baylibre.com>
Cc: oe-kbuild-all@lists.linux.dev, linux-kernel@vger.kernel.org,
Arnd Bergmann <arnd@arndb.de>
Subject: security/keys/proc.c:211:40: warning: '%llu' directive writing between 1 and 18 bytes into a region of size 16
Date: Wed, 8 Jan 2025 14:24:07 +0800 [thread overview]
Message-ID: <202501081457.U670b2Xy-lkp@intel.com> (raw)
tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head: 09a0fa92e5b45e99cf435b2fbf5ebcf889cf8780
commit: 00a31dd3acea0f88f947fc71e268ebb34b59f218 asm-generic/div64: optimize/simplify __div64_const32()
date: 2 months ago
config: arm-randconfig-r002-20220811 (https://download.01.org/0day-ci/archive/20250108/202501081457.U670b2Xy-lkp@intel.com/config)
compiler: arm-linux-gnueabi-gcc (GCC) 12.4.0
reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20250108/202501081457.U670b2Xy-lkp@intel.com/reproduce)
If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp@intel.com>
| Closes: https://lore.kernel.org/oe-kbuild-all/202501081457.U670b2Xy-lkp@intel.com/
All warnings (new ones prefixed by >>):
security/keys/proc.c: In function 'proc_keys_show':
security/keys/proc.c:217:45: warning: 'sprintf' may write a terminating nul past the end of the destination [-Wformat-overflow=]
217 | sprintf(xbuf, "%lluw", div_u64(timo, 60 * 60 * 24 * 7));
| ^
security/keys/proc.c:217:25: note: 'sprintf' output between 3 and 17 bytes into a destination of size 16
217 | sprintf(xbuf, "%lluw", div_u64(timo, 60 * 60 * 24 * 7));
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
security/keys/proc.c:215:45: warning: 'sprintf' may write a terminating nul past the end of the destination [-Wformat-overflow=]
215 | sprintf(xbuf, "%llud", div_u64(timo, 60 * 60 * 24));
| ^
security/keys/proc.c:215:25: note: 'sprintf' output between 3 and 17 bytes into a destination of size 16
215 | sprintf(xbuf, "%llud", div_u64(timo, 60 * 60 * 24));
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
security/keys/proc.c:213:44: warning: 'h' directive writing 1 byte into a region of size between 0 and 15 [-Wformat-overflow=]
213 | sprintf(xbuf, "%lluh", div_u64(timo, 60 * 60));
| ^
security/keys/proc.c:213:25: note: 'sprintf' output between 3 and 18 bytes into a destination of size 16
213 | sprintf(xbuf, "%lluh", div_u64(timo, 60 * 60));
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>> security/keys/proc.c:211:40: warning: '%llu' directive writing between 1 and 18 bytes into a region of size 16 [-Wformat-overflow=]
211 | sprintf(xbuf, "%llum", div_u64(timo, 60));
| ^~~~
security/keys/proc.c:211:39: note: directive argument in the range [0, 576460752303423487]
211 | sprintf(xbuf, "%llum", div_u64(timo, 60));
| ^~~~~~~
security/keys/proc.c:211:25: note: 'sprintf' output between 3 and 20 bytes into a destination of size 16
211 | sprintf(xbuf, "%llum", div_u64(timo, 60));
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
vim +211 security/keys/proc.c
^1da177e4c3f41 Linus Torvalds 2005-04-16 152
^1da177e4c3f41 Linus Torvalds 2005-04-16 153 static int proc_keys_show(struct seq_file *m, void *v)
^1da177e4c3f41 Linus Torvalds 2005-04-16 154 {
^1da177e4c3f41 Linus Torvalds 2005-04-16 155 struct rb_node *_p = v;
^1da177e4c3f41 Linus Torvalds 2005-04-16 156 struct key *key = rb_entry(_p, struct key, serial_node);
ab5c69f01313c8 Eric Biggers 2017-09-27 157 unsigned long flags;
927942aabbbe50 David Howells 2010-06-11 158 key_ref_t key_ref, skey_ref;
074d58989569b3 Baolin Wang 2017-11-15 159 time64_t now, expiry;
03dab869b7b239 David Howells 2016-10-26 160 char xbuf[16];
363b02dab09b32 David Howells 2017-10-04 161 short state;
074d58989569b3 Baolin Wang 2017-11-15 162 u64 timo;
06ec7be557a125 Michael LeMay 2006-06-26 163 int rc;
06ec7be557a125 Michael LeMay 2006-06-26 164
4bdf0bc3003141 David Howells 2013-09-24 165 struct keyring_search_context ctx = {
ede0fa98a900e6 Eric Biggers 2019-02-22 166 .index_key = key->index_key,
4aa68e07d84556 Eric Biggers 2017-09-18 167 .cred = m->file->f_cred,
462919591a1791 David Howells 2014-09-16 168 .match_data.cmp = lookup_user_key_possessed,
462919591a1791 David Howells 2014-09-16 169 .match_data.raw_data = key,
462919591a1791 David Howells 2014-09-16 170 .match_data.lookup_type = KEYRING_SEARCH_LOOKUP_DIRECT,
dcf49dbc8077e2 David Howells 2019-06-26 171 .flags = (KEYRING_SEARCH_NO_STATE_CHECK |
dcf49dbc8077e2 David Howells 2019-06-26 172 KEYRING_SEARCH_RECURSE),
4bdf0bc3003141 David Howells 2013-09-24 173 };
4bdf0bc3003141 David Howells 2013-09-24 174
028db3e290f15a Linus Torvalds 2019-07-10 175 key_ref = make_key_ref(key, 0);
927942aabbbe50 David Howells 2010-06-11 176
927942aabbbe50 David Howells 2010-06-11 177 /* determine if the key is possessed by this process (a test we can
927942aabbbe50 David Howells 2010-06-11 178 * skip if the key does not indicate the possessor can view it
927942aabbbe50 David Howells 2010-06-11 179 */
028db3e290f15a Linus Torvalds 2019-07-10 180 if (key->perm & KEY_POS_VIEW) {
028db3e290f15a Linus Torvalds 2019-07-10 181 rcu_read_lock();
e59428f721ee09 David Howells 2019-06-19 182 skey_ref = search_cred_keyrings_rcu(&ctx);
028db3e290f15a Linus Torvalds 2019-07-10 183 rcu_read_unlock();
927942aabbbe50 David Howells 2010-06-11 184 if (!IS_ERR(skey_ref)) {
927942aabbbe50 David Howells 2010-06-11 185 key_ref_put(skey_ref);
927942aabbbe50 David Howells 2010-06-11 186 key_ref = make_key_ref(key, 1);
927942aabbbe50 David Howells 2010-06-11 187 }
927942aabbbe50 David Howells 2010-06-11 188 }
927942aabbbe50 David Howells 2010-06-11 189
4aa68e07d84556 Eric Biggers 2017-09-18 190 /* check whether the current task is allowed to view the key */
f5895943d91b41 David Howells 2014-03-14 191 rc = key_task_permission(key_ref, ctx.cred, KEY_NEED_VIEW);
06ec7be557a125 Michael LeMay 2006-06-26 192 if (rc < 0)
028db3e290f15a Linus Torvalds 2019-07-10 193 return 0;
^1da177e4c3f41 Linus Torvalds 2005-04-16 194
074d58989569b3 Baolin Wang 2017-11-15 195 now = ktime_get_real_seconds();
^1da177e4c3f41 Linus Torvalds 2005-04-16 196
028db3e290f15a Linus Torvalds 2019-07-10 197 rcu_read_lock();
028db3e290f15a Linus Torvalds 2019-07-10 198
^1da177e4c3f41 Linus Torvalds 2005-04-16 199 /* come up with a suitable timeout value */
ab5c69f01313c8 Eric Biggers 2017-09-27 200 expiry = READ_ONCE(key->expiry);
39299bdd254668 David Howells 2023-12-09 201 if (expiry == TIME64_MAX) {
^1da177e4c3f41 Linus Torvalds 2005-04-16 202 memcpy(xbuf, "perm", 5);
074d58989569b3 Baolin Wang 2017-11-15 203 } else if (now >= expiry) {
^1da177e4c3f41 Linus Torvalds 2005-04-16 204 memcpy(xbuf, "expd", 5);
7b1b9164598286 David Howells 2009-09-02 205 } else {
074d58989569b3 Baolin Wang 2017-11-15 206 timo = expiry - now;
^1da177e4c3f41 Linus Torvalds 2005-04-16 207
^1da177e4c3f41 Linus Torvalds 2005-04-16 208 if (timo < 60)
074d58989569b3 Baolin Wang 2017-11-15 209 sprintf(xbuf, "%llus", timo);
^1da177e4c3f41 Linus Torvalds 2005-04-16 210 else if (timo < 60*60)
074d58989569b3 Baolin Wang 2017-11-15 @211 sprintf(xbuf, "%llum", div_u64(timo, 60));
^1da177e4c3f41 Linus Torvalds 2005-04-16 212 else if (timo < 60*60*24)
074d58989569b3 Baolin Wang 2017-11-15 213 sprintf(xbuf, "%lluh", div_u64(timo, 60 * 60));
^1da177e4c3f41 Linus Torvalds 2005-04-16 214 else if (timo < 60*60*24*7)
074d58989569b3 Baolin Wang 2017-11-15 215 sprintf(xbuf, "%llud", div_u64(timo, 60 * 60 * 24));
^1da177e4c3f41 Linus Torvalds 2005-04-16 216 else
074d58989569b3 Baolin Wang 2017-11-15 217 sprintf(xbuf, "%lluw", div_u64(timo, 60 * 60 * 24 * 7));
^1da177e4c3f41 Linus Torvalds 2005-04-16 218 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 219
363b02dab09b32 David Howells 2017-10-04 220 state = key_read_state(key);
363b02dab09b32 David Howells 2017-10-04 221
:::::: The code at line 211 was first introduced by commit
:::::: 074d58989569b39f04294c90ef36dd82b8c2cc1a security: keys: Replace time_t/timespec with time64_t
:::::: TO: Baolin Wang <baolin.wang@linaro.org>
:::::: CC: David Howells <dhowells@redhat.com>
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
next reply other threads:[~2025-01-08 6:24 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-01-08 6:24 kernel test robot [this message]
-- strict thread matches above, loose matches on Subject: below --
2025-01-15 8:11 security/keys/proc.c:211:40: warning: '%llu' directive writing between 1 and 18 bytes into a region of size 16 kernel test robot
2025-02-14 3:05 kernel test robot
2025-02-28 22:51 kernel test robot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202501081457.U670b2Xy-lkp@intel.com \
--to=lkp@intel.com \
--cc=arnd@arndb.de \
--cc=linux-kernel@vger.kernel.org \
--cc=npitre@baylibre.com \
--cc=oe-kbuild-all@lists.linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.