From patchwork Mon Nov 28 21:04:14 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arnd Bergmann X-Patchwork-Id: 101449 Delivered-To: patch@linaro.org Received: by 10.182.1.168 with SMTP id 8csp1906058obn; Mon, 28 Nov 2016 13:04:59 -0800 (PST) X-Received: by 10.84.178.195 with SMTP id z61mr54939326plb.176.1480367099824; Mon, 28 Nov 2016 13:04:59 -0800 (PST) Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id w17si31595974pge.203.2016.11.28.13.04.59; Mon, 28 Nov 2016 13:04:59 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1755301AbcK1VE4 (ORCPT + 25 others); Mon, 28 Nov 2016 16:04:56 -0500 Received: from mout.kundenserver.de ([212.227.17.10]:64205 "EHLO mout.kundenserver.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1754243AbcK1VEr (ORCPT ); Mon, 28 Nov 2016 16:04:47 -0500 Received: from wuerfel.lan ([78.43.21.235]) by mrelayeu.kundenserver.de (mreue103 [212.227.15.145]) with ESMTPA (Nemesis) id 0MQ8It-1c7sCl0gYl-005DyV; Mon, 28 Nov 2016 22:04:36 +0100 From: Arnd Bergmann To: Greg Kroah-Hartman , Jiri Slaby Cc: Arnd Bergmann , Peter Hurley , linux-kernel@vger.kernel.org Subject: [PATCH] tty: nozomi: avoid sprintf buffer overflow Date: Mon, 28 Nov 2016 22:04:14 +0100 Message-Id: <20161128210433.2291532-1-arnd@arndb.de> X-Mailer: git-send-email 2.9.0 X-Provags-ID: V03:K0:fKnY99q/PvTmP1TxZnIN887Gu8nessf3j3Kht4VUp9QOTtDCmvr EMoSYAZkafUAlQrboyQSsIhJHBlx8ppGGeNSwi+gAEuZwAak2vIar9K0SAthBP90kaIiQhb 5v/bMvwlJzJyYLCsEaE9c/WgXfBLdrX0f3dy3lzFxvrsN8wUpjaqvmwuoFMK4JQ2/5KxPpR FPyDwMEFS0tGIoBx6DOXg== X-UI-Out-Filterresults: notjunk:1; V01:K0:2PWdlZBJKtY=:sIfeQQCzQgEBukLcOiturM Y7ARjH65NBmOCnpL9C2RxMs3nCXssQfFC7hbkieh7lv7nJOHhb9pzfVBCMMfHf+oCr9qNUQVL GUH7w2Sw8nbaBsmRlkFu9R6/1QTreCujtDj2gO8zW2lbGSHsDR1DQTjkqi2RWtdIkyIZwO0bR iaPyy3tEdzVVUrH4vC0css4BdnF5Io6MMhq30/Zw5dm2o/ejN8Qgfe8P39PBGeR/uhvgeB/Vm 9wj9GOfblUNcHNoyVCfEgpu0YCMzmk3g0NKJHP5UzdN4JS2h+pSgwRLm8BeQjykLpYQLkp//g jPMOipPm+k6wUO35ZMyzQs/TKx5bb91M3IM0gXyiCHQRJ8/qi0rXD9FwxA1d5Tkt78FCHwoxY w1bLV0sWDAfvTOGC28PDQacFuhoDsO/yi6DS+KMubejWtZKIl08R00y4su9+Icw8SKTLrP6b4 woUOE2tYWUrAhKlJHJ18mPojeYkdfgZ9BF3smavsrKZ7dsB19AcchjJmuQ3MUXKQPLr1hAeJI t/aU2NQ6j6pLv7CWi8VpGbD8U0lTRjrMWQ4mJHrhQmptTYRkme30vYCdGab8qyqZtvDxN281r WxARZO4fHiTIhXqKpGHmIUvCWwuUP52uGn44wIlRluRVzJUGPwz60tCv/gdWWSykCJCLOvhnu 8lOKcnsxG9SRAykjKfgGT+JYeSYI0cuMNMAhvad60exbe8awKGLMmtsKXWKCAmqucI+w= Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Testing with a gcc-7 snapshot produced an internal compiler error for this file: drivers/tty/nozomi.c: In function 'receive_flow_control': drivers/tty/nozomi.c:919:12: internal compiler error: in get_substring_ranges_for_loc, at input.c:1388 static int receive_flow_control(struct nozomi *dc) I've reported this at https://gcc.gnu.org/bugzilla/show_bug.cgi?id=78569 but also noticed that the code line contains a stack overflow, as it prints a string into a slightly shorter fixed-length 'tmp' variable. I don't see any point in the temporary variable, we can simply use pr_debug() to print the output directly. This change should not change any of the output but avoids both the stack overflow and the gcc crash. The stack overflow will not happen unless a module load parameter is also set to enable the debug messages. Signed-off-by: Arnd Bergmann --- drivers/tty/nozomi.c | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) -- 2.9.0 diff --git a/drivers/tty/nozomi.c b/drivers/tty/nozomi.c index e2020a691058..17a182b28d52 100644 --- a/drivers/tty/nozomi.c +++ b/drivers/tty/nozomi.c @@ -69,13 +69,8 @@ #define NOZOMI_DEBUG_LEVEL 0x00 #define P_BUF_SIZE 128 -#define NFO(_err_flag_, args...) \ -do { \ - char tmp[P_BUF_SIZE]; \ - snprintf(tmp, sizeof(tmp), ##args); \ - printk(_err_flag_ "[%d] %s(): %s\n", __LINE__, \ - __func__, tmp); \ -} while (0) +#define NFO(_err_flag_, fmt, args...) \ + pr_debug("[%d] %s(): " fmt "\n", __LINE__, __func__, ##args); #define DBG1(args...) D_(0x01, ##args) #define DBG2(args...) D_(0x02, ##args)