Re: [PATCH 04/22] scsi: fusion: fix string overflow warning
On Mon, Jul 17, 2017 at 11:17 AM, David Laightwrote: > From: Arnd Bergmann >> Sent: 14 July 2017 13:07 >> gcc points out a theorerical string overflow: >> >> drivers/message/fusion/mptbase.c: In function 'mpt_detach': >> drivers/message/fusion/mptbase.c:2103:17: error: '%s' directive writing up >> to 31 bytes into a region >> of size 28 [-Werror=format-overflow=] >> sprintf(pname, MPT_PROCFS_MPTBASEDIR "/%s/summary", ioc->name); >>^ >> drivers/message/fusion/mptbase.c:2103:2: note: 'sprintf' output between 13 >> and 44 bytes into a >> destination of size 32 >> >> We can simply double the size of the local buffer here to be on the >> safe side. > > I think I'd change it to snprintf() as well. > Saves any worries if ioc->name isn't '\0' terminated. Ok, fair enough, I'll send a new version right away. Arnd
Re: [PATCH 04/22] scsi: fusion: fix string overflow warning
On Mon, Jul 17, 2017 at 11:17 AM, David Laight wrote: > From: Arnd Bergmann >> Sent: 14 July 2017 13:07 >> gcc points out a theorerical string overflow: >> >> drivers/message/fusion/mptbase.c: In function 'mpt_detach': >> drivers/message/fusion/mptbase.c:2103:17: error: '%s' directive writing up >> to 31 bytes into a region >> of size 28 [-Werror=format-overflow=] >> sprintf(pname, MPT_PROCFS_MPTBASEDIR "/%s/summary", ioc->name); >>^ >> drivers/message/fusion/mptbase.c:2103:2: note: 'sprintf' output between 13 >> and 44 bytes into a >> destination of size 32 >> >> We can simply double the size of the local buffer here to be on the >> safe side. > > I think I'd change it to snprintf() as well. > Saves any worries if ioc->name isn't '\0' terminated. Ok, fair enough, I'll send a new version right away. Arnd
RE: [PATCH 04/22] scsi: fusion: fix string overflow warning
From: Arnd Bergmann > Sent: 14 July 2017 13:07 > gcc points out a theorerical string overflow: > > drivers/message/fusion/mptbase.c: In function 'mpt_detach': > drivers/message/fusion/mptbase.c:2103:17: error: '%s' directive writing up to > 31 bytes into a region > of size 28 [-Werror=format-overflow=] > sprintf(pname, MPT_PROCFS_MPTBASEDIR "/%s/summary", ioc->name); >^ > drivers/message/fusion/mptbase.c:2103:2: note: 'sprintf' output between 13 > and 44 bytes into a > destination of size 32 > > We can simply double the size of the local buffer here to be on the > safe side. I think I'd change it to snprintf() as well. Saves any worries if ioc->name isn't '\0' terminated. David
RE: [PATCH 04/22] scsi: fusion: fix string overflow warning
From: Arnd Bergmann > Sent: 14 July 2017 13:07 > gcc points out a theorerical string overflow: > > drivers/message/fusion/mptbase.c: In function 'mpt_detach': > drivers/message/fusion/mptbase.c:2103:17: error: '%s' directive writing up to > 31 bytes into a region > of size 28 [-Werror=format-overflow=] > sprintf(pname, MPT_PROCFS_MPTBASEDIR "/%s/summary", ioc->name); >^ > drivers/message/fusion/mptbase.c:2103:2: note: 'sprintf' output between 13 > and 44 bytes into a > destination of size 32 > > We can simply double the size of the local buffer here to be on the > safe side. I think I'd change it to snprintf() as well. Saves any worries if ioc->name isn't '\0' terminated. David
[PATCH 04/22] scsi: fusion: fix string overflow warning
gcc points out a theorerical string overflow: drivers/message/fusion/mptbase.c: In function 'mpt_detach': drivers/message/fusion/mptbase.c:2103:17: error: '%s' directive writing up to 31 bytes into a region of size 28 [-Werror=format-overflow=] sprintf(pname, MPT_PROCFS_MPTBASEDIR "/%s/summary", ioc->name); ^ drivers/message/fusion/mptbase.c:2103:2: note: 'sprintf' output between 13 and 44 bytes into a destination of size 32 We can simply double the size of the local buffer here to be on the safe side. Signed-off-by: Arnd Bergmann--- drivers/message/fusion/mptbase.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/message/fusion/mptbase.c b/drivers/message/fusion/mptbase.c index 62cff5afc6bd..46b67a67edc8 100644 --- a/drivers/message/fusion/mptbase.c +++ b/drivers/message/fusion/mptbase.c @@ -2079,7 +2079,7 @@ void mpt_detach(struct pci_dev *pdev) { MPT_ADAPTER *ioc = pci_get_drvdata(pdev); - char pname[32]; + char pname[64]; u8 cb_idx; unsigned long flags; struct workqueue_struct *wq; -- 2.9.0
[PATCH 04/22] scsi: fusion: fix string overflow warning
gcc points out a theorerical string overflow: drivers/message/fusion/mptbase.c: In function 'mpt_detach': drivers/message/fusion/mptbase.c:2103:17: error: '%s' directive writing up to 31 bytes into a region of size 28 [-Werror=format-overflow=] sprintf(pname, MPT_PROCFS_MPTBASEDIR "/%s/summary", ioc->name); ^ drivers/message/fusion/mptbase.c:2103:2: note: 'sprintf' output between 13 and 44 bytes into a destination of size 32 We can simply double the size of the local buffer here to be on the safe side. Signed-off-by: Arnd Bergmann --- drivers/message/fusion/mptbase.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/message/fusion/mptbase.c b/drivers/message/fusion/mptbase.c index 62cff5afc6bd..46b67a67edc8 100644 --- a/drivers/message/fusion/mptbase.c +++ b/drivers/message/fusion/mptbase.c @@ -2079,7 +2079,7 @@ void mpt_detach(struct pci_dev *pdev) { MPT_ADAPTER *ioc = pci_get_drvdata(pdev); - char pname[32]; + char pname[64]; u8 cb_idx; unsigned long flags; struct workqueue_struct *wq; -- 2.9.0