Received: by 2002:a25:31c3:0:0:0:0:0 with SMTP id x186csp1014037ybx;
        Tue, 5 Nov 2019 08:58:21 -0800 (PST)
X-Google-Smtp-Source: APXvYqw2hkXSRYh9YwuNFGpex+xYThpwKXn+iftKBOJjuQ0nXDGvHy1rABaqUb7dZetMBDhx98NB
X-Received: by 2002:a50:d717:: with SMTP id t23mr36284669edi.231.1572973101591;
        Tue, 05 Nov 2019 08:58:21 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1572973101; cv=none;
        d=google.com; s=arc-20160816;
        b=I2F5V8jF9gqFEMPC3mt8WyPD2crgFT/Xkh5jiu/r3XODpNQj1+kDJwOiUjAhQrOsnE
         BWMQR3wX1HZNvjlb3X6tvkWGigNca0U5JRZIdOami7NYjaANd8vbz+uUNEIPDpzAvfrt
         fmvOvsH+jZMvOvFiW//iH429tD9AVeTE01Fp6Ujcb0iRURQKI++PCf5nNniAcp4HnPJg
         rE2P9sRRU+8yvR3B/dRIb+rmIwvCgUoVqMJqrK9HvSxzuTx86E+jrJ87+n2eR7g0kIIs
         hCVTsa9xp0GgXE56HS/OaQYB4MKsBjgrWlZM5FVNNdtxDI0FVyODjysFwdWy8FmSvSg+
         qTxg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:mime-version
         :message-id:date:subject:cc:to:from:dkim-signature;
        bh=Da4uiaQj7qVMKa9oAKwCKH6uxJg0bHesNrE0BWHWXgs=;
        b=YbjeUxlZ3H8WSNzuNu4PJoiF13QnvvTEhImzAhT/CwPZ5A5gy6p4vIkhentBM5rFPV
         S24K9REEgPvDp3bw573agdmUFuelxa1tPireuEc5qZda6mh2QBUDflNISRD6mD34yiN1
         aAeqBn2O3OZhaXykQl61dMV9Mh5xq58hAFfd470GyBETQ2/ehrrvSquWNDiiiY1XmAju
         rJHN5pby7ptQKmkAy9Bj/D1jBx6ifScYyQxo4/7OqnxQYN9hFoRjzJXBgXFzZMNb/65g
         /u/Kxr37B9Em1tNvBJcIqCqoKO2Y0kkTSzzR9LeG/1QMtS9Z5Kpf0+DOGxQpr4T9ebs0
         +aTg==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@android.com header.s=20161025 header.b=hfnreEuH;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=android.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id e24si3824561ejx.220.2019.11.05.08.57.57;
        Tue, 05 Nov 2019 08:58:21 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@android.com header.s=20161025 header.b=hfnreEuH;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=android.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S2389982AbfKEPtI (ORCPT <rfc822;zhangckid@gmail.com> + 99 others);
        Tue, 5 Nov 2019 10:49:08 -0500
Received: from mail-pg1-f195.google.com ([209.85.215.195]:36338 "EHLO
        mail-pg1-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S2389506AbfKEPtH (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 5 Nov 2019 10:49:07 -0500
Received: by mail-pg1-f195.google.com with SMTP id k13so3193780pgh.3
        for <linux-kernel@vger.kernel.org>; Tue, 05 Nov 2019 07:49:05 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=android.com; s=20161025;
        h=from:to:cc:subject:date:message-id:mime-version
         :content-transfer-encoding;
        bh=Da4uiaQj7qVMKa9oAKwCKH6uxJg0bHesNrE0BWHWXgs=;
        b=hfnreEuHEVOOB4GYxQpvcNt/tzK2jHW/3WicKvVvnoECbhjeTfvJ/jRVCXoVfoFwBD
         gh3UoJbBuR7BW388M6JzkvjPJo2P5gMEmdXXbL+SX8wCS5HtPQrU/DpxQE9Zdy1IwEIE
         1W5uG/KdoyUy7Fi5vrMI7VVqu6PlqCGu3nFAWomVbU1FMzmiEHTzyHi22EsDOKKw5+SF
         Qa5pv5rX9fsLm2x6BIIKMypZFT1b+/p8/K7NeOe0eH67JQqWtbbNe206u4qYMuQmI+bT
         S+Qrk8fyhuiVjq25M8dNkPU4DSGtRkZC2HIhmgERALnPAzLclCK6Xs4xtXg4zi8e/Oos
         QU9w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version
         :content-transfer-encoding;
        bh=Da4uiaQj7qVMKa9oAKwCKH6uxJg0bHesNrE0BWHWXgs=;
        b=GmuUhalIXm+iPgGntlb7nUs/cXawg+naW70hKpmUWUObPcEwjQUANeCb8GRMGkhQO9
         a9BvCmuUIPxevazVdgQxqqL/NakDBhwQDOPNSQC+b71FZPxj+GKR75CIGp2wxp3hERH2
         VKVReP3QtkjgXJQUMa7K/jzW1PxmdvuL711TU7QgvNLNGfIuNe0FRkAq1aVUMDiL1MNx
         w/+cZ5K2c1ynZt6J5jddiXqd6ztk/ASDArWbamLxlsQB0z/+bF08VWJ5kr4U7ZMgejDG
         ThNiCvYzF3e0EwphQqPJ9nejTj6d3x5U3rwBb7PdtQC2VHffOJqfEGU0S04C/zsxFpeq
         cJVQ==
X-Gm-Message-State: APjAAAXf71IHtAogt7SUqoF2poCFwN1fMSXRb+efqWspH9w7HkJUbWtt
        9UQqRBtpMfmVL08OchrTKFyT3s3JloK0fA==
X-Received: by 2002:a63:5966:: with SMTP id j38mr36959501pgm.304.1572968945118;
        Tue, 05 Nov 2019 07:49:05 -0800 (PST)
Received: from nebulus.mtv.corp.google.com ([2620:15c:211:200:5404:91ba:59dc:9400])
        by smtp.gmail.com with ESMTPSA id f189sm29671326pgc.94.2019.11.05.07.49.04
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Tue, 05 Nov 2019 07:49:04 -0800 (PST)
From:   Mark Salyzyn <salyzyn@android.com>
To:     linux-kernel@vger.kernel.org
Cc:     kernel-team@android.com, Mark Salyzyn <salyzyn@android.com>,
        linux-fsdevel@vger.kernel.org, David Howells <dhowells@redhat.com>,
        linux-afs@lists.infradead.org, Jan Kara <jack@suse.cz>
Subject: [PATCH] afs: xattr: use scnprintf
Date:   Tue,  5 Nov 2019 07:48:44 -0800
Message-Id: <20191105154850.187723-1-salyzyn@android.com>
X-Mailer: git-send-email 2.24.0.rc1.363.gb1bccd3e3d-goog
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

sprintf and snprintf are fragile in future maintenance, switch to
using scnprintf to ensure no accidental Use After Free conditions
are introduced.

Signed-off-by: Mark Salyzyn <salyzyn@android.com>
Cc: linux-kernel@vger.kernel.org
Cc: linux-fsdevel@vger.kernel.org
Cc: David Howells <dhowells@redhat.com>
Cc: linux-afs@lists.infradead.org
Cc: Jan Kara <jack@suse.cz>
---
 fs/afs/xattr.c | 16 +++++++++-------
 1 file changed, 9 insertions(+), 7 deletions(-)

diff --git a/fs/afs/xattr.c b/fs/afs/xattr.c
index 5552d034090a..7af41fd5f3ee 100644
--- a/fs/afs/xattr.c
+++ b/fs/afs/xattr.c
@@ -228,11 +228,11 @@ static int afs_xattr_get_yfs(const struct xattr_handler *handler,
 		break;
 	case 1:
 		data = buf;
-		dsize = snprintf(buf, sizeof(buf), "%u", yacl->inherit_flag);
+		dsize = scnprintf(buf, sizeof(buf), "%u", yacl->inherit_flag);
 		break;
 	case 2:
 		data = buf;
-		dsize = snprintf(buf, sizeof(buf), "%u", yacl->num_cleaned);
+		dsize = scnprintf(buf, sizeof(buf), "%u", yacl->num_cleaned);
 		break;
 	case 3:
 		data = yacl->vol_acl->data;
@@ -370,13 +370,15 @@ static int afs_xattr_get_fid(const struct xattr_handler *handler,
 	/* The volume ID is 64-bit, the vnode ID is 96-bit and the
 	 * uniquifier is 32-bit.
 	 */
-	len = sprintf(text, "%llx:", vnode->fid.vid);
+	len = scnprintf(text, sizeof(text), "%llx:", vnode->fid.vid);
 	if (vnode->fid.vnode_hi)
-		len += sprintf(text + len, "%x%016llx",
-			       vnode->fid.vnode_hi, vnode->fid.vnode);
+		len += scnprintf(text + len, sizeof(text) - len, "%x%016llx",
+				vnode->fid.vnode_hi, vnode->fid.vnode);
 	else
-		len += sprintf(text + len, "%llx", vnode->fid.vnode);
-	len += sprintf(text + len, ":%x", vnode->fid.unique);
+		len += scnprintf(text + len, sizeof(text) - len, "%llx",
+				 vnode->fid.vnode);
+	len += scnprintf(text + len, sizeof(text) - len, ":%x",
+			 vnode->fid.unique);
 
 	if (size == 0)
 		return len;
-- 
2.24.0.rc1.363.gb1bccd3e3d-goog