Received: by 10.223.185.116 with SMTP id b49csp753920wrg; Wed, 14 Feb 2018 06:32:49 -0800 (PST) X-Google-Smtp-Source: AH8x225O1Va91meMjry6iCfb/8uIufbItOhP8KnCQk3I9ASmkr+kRNQDu0Tu9wJiQij8va+v7TTh X-Received: by 2002:a17:902:9a8b:: with SMTP id w11-v6mr4814412plp.118.1518618769269; Wed, 14 Feb 2018 06:32:49 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1518618769; cv=none; d=google.com; s=arc-20160816; b=gLcaIE0JKYw6p+NCnIx3W7G3eBx38vdRqBeh7xDDHsMAynAoOS0Xt8LklP3eKRb4+W gWOuhni4SW7WBEXFvDzi1t5bj9S+Ct+ENTTeIhR9LaKpszgctL5MXg00MpOajl/qBpMg PZogt+qA1GZSjqMk6nPu6jDooQDGmmz4FtvpwV1Sf+mrYuKq6y6klpwCWuFfDnSksqLk Rz5k+R/Wc+1MzWyiy21EeToKqnNv9n00uyTgNvdL60NyFC6WVVOXjt1sxCe9/Bk6EVb8 51xBmMZI3navigWKwqHcyB7OR+qhjlXCo83CQ4LMBoFsrBZhVFwPhvXubfC9y4Rd7ido Q80A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from:arc-authentication-results; bh=U/2N9o4Y+TvCNt13RJ3RUIeSKb1XExtR7U9ieB1KV9A=; b=00RPzAxHNkRBsVTSAc50swg5fTY3CdLrutSrgIccfE5jrPmHUuFjGzPW+G/rZC4lx0 sGLDHmvklLY461LIdCHGypPgIoFVe8yMoUOxDzeft46+tyUJISJLKTePkJwA1jYy+ycG frGon2XyKOlVLZx1peHPuWlXhyOY4/4lCnZqEBE5VWw29Ud8NoV4KqpOPgcsC7e2JROS EoM+0zriDUreoObTSOjsw3BA2hZjmoaHCf2BcZbQg6OrL2Bsyj8F5zhdumeUEbbxkczB gATt0bidpqCX+TCJ4xIELoQvHziThS+myvfda/4JAEFFKncno5esBGMGbSJeKbETcrSE j0Mg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id b3-v6si188543pli.440.2018.02.14.06.32.24; Wed, 14 Feb 2018 06:32:49 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1030865AbeBNObC convert rfc822-to-8bit (ORCPT + 99 others); Wed, 14 Feb 2018 09:31:02 -0500 Received: from mx01.eckelmann.de ([217.19.183.72]:29745 "EHLO mx01.eckelmann.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1030381AbeBNObB (ORCPT ); Wed, 14 Feb 2018 09:31:01 -0500 X-Greylist: delayed 343 seconds by postgrey-1.27 at vger.kernel.org; Wed, 14 Feb 2018 09:31:01 EST Received: from ex-srv1.eckelmann.group ([2a00:1f08:4007:e035:172:18:35:4]:52997 helo=smtp.eckelmann.de) by mx01.eckelmann.de with esmtps (TLSv1.2:AES256-GCM-SHA384:256) (Exim 4.82_1-5b7a7c0-XX) (envelope-from ) id 1elxzl-0007bh-1T; Wed, 14 Feb 2018 15:25:13 +0100 Received: from ws161-Debian.eckelmann.group (2a00:1f08:4007:1c00:e163:b718:85a4:9a90) by EX-SRV1.eckelmann.group (2a00:1f08:4007:e035:172:18:35:4) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1034.26; Wed, 14 Feb 2018 15:25:13 +0100 From: Gavin Schenk To: , CC: , , Gavin Schenk Subject: [PATCH] siox: fix possible buffer overflow in device_add_store Date: Wed, 14 Feb 2018 15:25:02 +0100 Message-ID: <20180214142502.20787-1-g.schenk@eckelmann.de> X-Mailer: git-send-email 2.15.1 MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" X-Originating-IP: [2a00:1f08:4007:1c00:e163:b718:85a4:9a90] X-ClientProxiedBy: EX-SRV1.eckelmann.group (2a00:1f08:4007:e035:172:18:35:4) To EX-SRV1.eckelmann.group (2a00:1f08:4007:e035:172:18:35:4) Content-Transfer-Encoding: 8BIT Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Width 20 given in format string is larger than destination buffer 'type[20]', use %19s to prevent overflowing it. Fixes: bbecb07fa0af ("siox: new driver framework for eckelmann SIOX") Reported-by: David Binderman Signed-off-by: Gavin Schenk --- drivers/siox/siox-core.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/siox/siox-core.c b/drivers/siox/siox-core.c index fdfcdea25867..16590dfaafa4 100644 --- a/drivers/siox/siox-core.c +++ b/drivers/siox/siox-core.c @@ -594,7 +594,7 @@ static ssize_t device_add_store(struct device *dev, size_t inbytes = 0, outbytes = 0; u8 statustype = 0; - ret = sscanf(buf, "%20s %zu %zu %hhu", type, &inbytes, + ret = sscanf(buf, "%19s %zu %zu %hhu", type, &inbytes, &outbytes, &statustype); if (ret != 3 && ret != 4) return -EINVAL; -- 2.15.1 -- Eckelmann AG Vorstand: Dipl.-Ing. Peter Frankenbach (Sprecher) Dipl.-Wi.-Ing. Philipp Eckelmann Dr.-Ing. Marco Münchhof Dr.-Ing. Frank Uhlemann Vorsitzender des Aufsichtsrats: Hubertus G. Krossa Stv. Vorsitzender des Aufsichtsrats: Dr.-Ing. Gerd Eckelmann Sitz der Gesellschaft: Berliner Str. 161, 65205 Wiesbaden, Amtsgericht Wiesbaden HRB 12636 http://www.eckelmann.de