[04/22] scsi: fusion: fix string overflow warning

Message ID	20170714120720.906842-5-arnd@arndb.de
State	New
Headers	show Delivered-To: patch@linaro.org Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; From: Arnd Bergmann <arnd@arndb.de> To: linux-kernel@vger.kernel.org, Sathya Prakash <sathya.prakash@broadcom.com>, Chaitra P B <chaitra.basappa@broadcom.com>, Suganath Prabu Subramani <suganath-prabu.subramani@broadcom.com> Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>, Linus Torvalds <torvalds@linux-foundation.org>, Guenter Roeck <linux@roeck-us.net>, akpm@linux-foundation.org, netdev@vger.kernel.org, "David S . Miller" <davem@davemloft.net>, "James E . J . Bottomley" <jejb@linux.vnet.ibm.com>, "Martin K . Petersen" <martin.petersen@oracle.com>, linux-scsi@vger.kernel.org, x86@kernel.org, Arnd Bergmann <arnd@arndb.de>, Helge Deller <deller@gmx.de>, MPT-FusionLinux.pdl@broadcom.com Subject: [PATCH 04/22] scsi: fusion: fix string overflow warning Date: Fri, 14 Jul 2017 14:06:56 +0200 Message-Id: <20170714120720.906842-5-arnd@arndb.de> In-Reply-To: <20170714120720.906842-1-arnd@arndb.de> References: <20170714120720.906842-1-arnd@arndb.de> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk
Series	gcc-7 -Wformat-* warnings \| expand [00/22] gcc-7 -Wformat-* warnings [01/22] kbuild: disable -Wformat-truncation warnings by default [02/22] scsi: megaraid: fix format-overflow warning [03/22] scsi: mpt3sas: fix format overflow warning [04/22] scsi: fusion: fix string overflow warning [05/22] scsi: gdth: avoid buffer overflow warning [06/22] scsi: fnic: fix format string overflow warning [07/22] scsi: gdth: increase the procfs event buffer size [08/22] isdn: divert: fix sprintf buffer overflow warning [10/22] bnx2x: fix format overflow warning [11/22] net: thunder_bgx: avoid format string overflow warning [12/22] vmxnet3: avoid format strint overflow warning [13/22] liquidio: fix possible eeprom format string overflow [14/22,media] usbvision-i2c: fix format overflow warning [15/22] hwmon: applesmc: fix format string overflow [16/22] x86: intel-mid: fix a format string overflow warning [17/22] platform/x86: alienware-wmi: fix format string overflow warning [20/22] sound: pci: avoid string overflow warnings [21/22] fscache: fix fscache_objlist_show format processing

Message ID

20170714120720.906842-5-arnd@arndb.de

State

New

Headers

Received-SPF: pass (google.com: best guess record for domain of
	linux-kernel-owner@vger.kernel.org designates 209.132.180.67
	as permitted sender) client-ip=209.132.180.67; 
From: Arnd Bergmann <arnd@arndb.de>
To: linux-kernel@vger.kernel.org,
	Sathya Prakash <sathya.prakash@broadcom.com>,
	Chaitra P B <chaitra.basappa@broadcom.com>, Suganath Prabu Subramani 
	<suganath-prabu.subramani@broadcom.com>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	Linus Torvalds <torvalds@linux-foundation.org>,
	Guenter Roeck <linux@roeck-us.net>, akpm@linux-foundation.org,
	netdev@vger.kernel.org, "David S . Miller" <davem@davemloft.net>,
	"James E . J . Bottomley" <jejb@linux.vnet.ibm.com>,
	"Martin K . Petersen" <martin.petersen@oracle.com>,
	linux-scsi@vger.kernel.org, x86@kernel.org,
	Arnd Bergmann <arnd@arndb.de>, Helge Deller <deller@gmx.de>,
	MPT-FusionLinux.pdl@broadcom.com
Subject: [PATCH 04/22] scsi: fusion: fix string overflow warning
Date: Fri, 14 Jul 2017 14:06:56 +0200
Message-Id: <20170714120720.906842-5-arnd@arndb.de>
In-Reply-To: <20170714120720.906842-1-arnd@arndb.de>
References: <20170714120720.906842-1-arnd@arndb.de>
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk

Series

gcc-7 -Wformat-* warnings | expand

Commit Message

Arnd Bergmann July 14, 2017, 12:06 p.m. UTC

gcc points out a theorerical string overflow:

drivers/message/fusion/mptbase.c: In function 'mpt_detach':
drivers/message/fusion/mptbase.c:2103:17: error: '%s' directive writing up to 31 bytes into a region of size 28 [-Werror=format-overflow=]
sprintf(pname, MPT_PROCFS_MPTBASEDIR "/%s/summary", ioc->name);
               ^~~~~
drivers/message/fusion/mptbase.c:2103:2: note: 'sprintf' output between 13 and 44 bytes into a destination of size 32

We can simply double the size of the local buffer here to be on the
safe side.

Signed-off-by: Arnd Bergmann <arnd@arndb.de>

---
 drivers/message/fusion/mptbase.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

-- 
2.9.0

Comments

David Laight July 17, 2017, 9:17 a.m. UTC | #1

From: Arnd Bergmann

> Sent: 14 July 2017 13:07

> gcc points out a theorerical string overflow:

> 

> drivers/message/fusion/mptbase.c: In function 'mpt_detach':

> drivers/message/fusion/mptbase.c:2103:17: error: '%s' directive writing up to 31 bytes into a region

> of size 28 [-Werror=format-overflow=]

> sprintf(pname, MPT_PROCFS_MPTBASEDIR "/%s/summary", ioc->name);

>                ^~~~~

> drivers/message/fusion/mptbase.c:2103:2: note: 'sprintf' output between 13 and 44 bytes into a

> destination of size 32

> 

> We can simply double the size of the local buffer here to be on the

> safe side.


I think I'd change it to snprintf() as well.
Saves any worries if ioc->name isn't '\0' terminated.

	David

Arnd Bergmann July 17, 2017, noon UTC | #2

On Mon, Jul 17, 2017 at 11:17 AM, David Laight <David.Laight@aculab.com> wrote:
> From: Arnd Bergmann

>> Sent: 14 July 2017 13:07

>> gcc points out a theorerical string overflow:

>>

>> drivers/message/fusion/mptbase.c: In function 'mpt_detach':

>> drivers/message/fusion/mptbase.c:2103:17: error: '%s' directive writing up to 31 bytes into a region

>> of size 28 [-Werror=format-overflow=]

>> sprintf(pname, MPT_PROCFS_MPTBASEDIR "/%s/summary", ioc->name);

>>                ^~~~~

>> drivers/message/fusion/mptbase.c:2103:2: note: 'sprintf' output between 13 and 44 bytes into a

>> destination of size 32

>>

>> We can simply double the size of the local buffer here to be on the

>> safe side.

>

> I think I'd change it to snprintf() as well.

> Saves any worries if ioc->name isn't '\0' terminated.


Ok, fair enough, I'll send a new version right away.

      Arnd

diff --git a/drivers/message/fusion/mptbase.c b/drivers/message/fusion/mptbase.c
index 62cff5afc6bd..46b67a67edc8 100644
--- a/drivers/message/fusion/mptbase.c
+++ b/drivers/message/fusion/mptbase.c
@@ -2079,7 +2079,7 @@  void
 mpt_detach(struct pci_dev *pdev)
 {
 	MPT_ADAPTER 	*ioc = pci_get_drvdata(pdev);
-	char pname[32];
+	char pname[64];
 	u8 cb_idx;
 	unsigned long flags;
 	struct workqueue_struct *wq;

[04/22] scsi: fusion: fix string overflow warning

Commit Message

Comments

Patch