* [PATCH] iio: force snprintf for PAGE_SIZE bufs
@ 2014-03-13 16:46 Kees Cook
2014-03-15 14:45 ` Jonathan Cameron
0 siblings, 1 reply; 2+ messages in thread
From: Kees Cook @ 2014-03-13 16:46 UTC (permalink / raw)
To: linux-kernel; +Cc: Jonathan Cameron, linux-iio
This is a tiny preventative measure to make sure we can't write beyond
PAGE_SIZE on the buffers being used in sysfs for iio. There is currently
no way for this to happen, but the change makes this code more robust
for the future.
Signed-off-by: Kees Cook <keescook@chromium.org>
---
drivers/iio/industrialio-core.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/iio/industrialio-core.c b/drivers/iio/industrialio-core.c
index acc911a836ca..64bb64f35af8 100644
--- a/drivers/iio/industrialio-core.c
+++ b/drivers/iio/industrialio-core.c
@@ -340,7 +340,7 @@ ssize_t iio_enum_read(struct iio_dev *indio_dev,
else if (i >= e->num_items)
return -EINVAL;
- return sprintf(buf, "%s\n", e->items[i]);
+ return snprintf(buf, PAGE_SIZE, "%s\n", e->items[i]);
}
EXPORT_SYMBOL_GPL(iio_enum_read);
@@ -836,7 +836,7 @@ static ssize_t iio_show_dev_name(struct device *dev,
char *buf)
{
struct iio_dev *indio_dev = dev_to_iio_dev(dev);
- return sprintf(buf, "%s\n", indio_dev->name);
+ return snprintf(buf, PAGE_SIZE, "%s\n", indio_dev->name);
}
static DEVICE_ATTR(name, S_IRUGO, iio_show_dev_name, NULL);
--
1.7.9.5
--
Kees Cook
Chrome OS Security
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH] iio: force snprintf for PAGE_SIZE bufs
2014-03-13 16:46 [PATCH] iio: force snprintf for PAGE_SIZE bufs Kees Cook
@ 2014-03-15 14:45 ` Jonathan Cameron
0 siblings, 0 replies; 2+ messages in thread
From: Jonathan Cameron @ 2014-03-15 14:45 UTC (permalink / raw)
To: Kees Cook, linux-kernel; +Cc: linux-iio
On 13/03/14 16:46, Kees Cook wrote:
> This is a tiny preventative measure to make sure we can't write beyond
> PAGE_SIZE on the buffers being used in sysfs for iio. There is currently
> no way for this to happen, but the change makes this code more robust
> for the future.
>
> Signed-off-by: Kees Cook <keescook@chromium.org>
A sensible enough change I guess.
Applied to the togreg branch of iio.git
Jonathan
> ---
> drivers/iio/industrialio-core.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/iio/industrialio-core.c b/drivers/iio/industrialio-core.c
> index acc911a836ca..64bb64f35af8 100644
> --- a/drivers/iio/industrialio-core.c
> +++ b/drivers/iio/industrialio-core.c
> @@ -340,7 +340,7 @@ ssize_t iio_enum_read(struct iio_dev *indio_dev,
> else if (i >= e->num_items)
> return -EINVAL;
>
> - return sprintf(buf, "%s\n", e->items[i]);
> + return snprintf(buf, PAGE_SIZE, "%s\n", e->items[i]);
> }
> EXPORT_SYMBOL_GPL(iio_enum_read);
>
> @@ -836,7 +836,7 @@ static ssize_t iio_show_dev_name(struct device *dev,
> char *buf)
> {
> struct iio_dev *indio_dev = dev_to_iio_dev(dev);
> - return sprintf(buf, "%s\n", indio_dev->name);
> + return snprintf(buf, PAGE_SIZE, "%s\n", indio_dev->name);
> }
>
> static DEVICE_ATTR(name, S_IRUGO, iio_show_dev_name, NULL);
>
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2014-03-15 14:44 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-03-13 16:46 [PATCH] iio: force snprintf for PAGE_SIZE bufs Kees Cook
2014-03-15 14:45 ` Jonathan Cameron
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).