printf to array 'eqo->desc' of size 32 may cause buffer overflow when
using non-standard IFNAMSIZ.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Signed-off-by: Peter Kosyh <[email protected]>
---
drivers/net/ethernet/emulex/benet/be.h | 2 +-
drivers/net/ethernet/emulex/benet/be_main.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/net/ethernet/emulex/benet/be.h b/drivers/net/ethernet/emulex/benet/be.h
index 61fe9625bed1..857a25f45fc8 100644
--- a/drivers/net/ethernet/emulex/benet/be.h
+++ b/drivers/net/ethernet/emulex/benet/be.h
@@ -179,7 +179,7 @@ static inline void queue_tail_inc(struct be_queue_info *q)
struct be_eq_obj {
struct be_queue_info q;
- char desc[32];
+ char desc[IFNAMSIZ+16];
struct be_adapter *adapter;
struct napi_struct napi;
diff --git a/drivers/net/ethernet/emulex/benet/be_main.c b/drivers/net/ethernet/emulex/benet/be_main.c
index 414362febbb9..8e75a14da595 100644
--- a/drivers/net/ethernet/emulex/benet/be_main.c
+++ b/drivers/net/ethernet/emulex/benet/be_main.c
@@ -3485,7 +3485,7 @@ static int be_msix_register(struct be_adapter *adapter)
int status, i, vec;
for_all_evt_queues(adapter, eqo, i) {
- sprintf(eqo->desc, "%s-q%d", netdev->name, i);
+ snprintf(eqo->desc, sizeof(eqo->desc), "%s-q%d", netdev->name, i);
vec = be_msix_vec_get(adapter, eqo);
status = request_irq(vec, be_msix, 0, eqo->desc, eqo);
if (status)
--
2.37.0
On Tue, 4 Oct 2022 12:50:34 +0300
Peter Kosyh <[email protected]> wrote:
> printf to array 'eqo->desc' of size 32 may cause buffer overflow when
> using non-standard IFNAMSIZ.
>
> Found by Linux Verification Center (linuxtesting.org) with SVACE.
>
> Signed-off-by: Peter Kosyh <[email protected]>
NACK
Non-standard IFNAMSIZ will break uapi and many things.
I see no reason for kernel or tools like iproute2 to support or
fix those related bugs.
On Tue, 4 Oct 2022 08:29:36 -0700 Stephen Hemminger wrote:
> On Tue, 4 Oct 2022 12:50:34 +0300
> Peter Kosyh <[email protected]> wrote:
>
> > printf to array 'eqo->desc' of size 32 may cause buffer overflow when
> > using non-standard IFNAMSIZ.
> >
> > Found by Linux Verification Center (linuxtesting.org) with SVACE.
> >
> > Signed-off-by: Peter Kosyh <[email protected]>
>
> NACK
> Non-standard IFNAMSIZ will break uapi and many things.
> I see no reason for kernel or tools like iproute2 to support or
> fix those related bugs.
I think the commit message is missing the point, but the warning
may be legit.
Pater please read the requirements for sending patches based on
automated checkers:
Documentation/process/researcher-guidelines.rst