Received: by 2002:a05:6a10:a0d1:0:0:0:0 with SMTP id j17csp3500761pxa; Wed, 26 Aug 2020 01:59:13 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxcinxVIWy2NlMS4CPswSPOm/D/adKlzv8dn9qP64zeNgxEi6CQpUwSOoSsbRPhwLZGcM17 X-Received: by 2002:a17:906:a1cf:: with SMTP id bx15mr14020145ejb.231.1598432353609; Wed, 26 Aug 2020 01:59:13 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1598432353; cv=none; d=google.com; s=arc-20160816; b=AkfW4qvF+qIGW6wvyvdEeoDqdS3BM8nLSzDh/NKvluGO+LiXabkXzJmZ57fMDgGcuZ XPILoqq5Ma4j8Lb8qyZgza899pIzdWZ5Ywao5znUr0gzXL7LuEvzbk/bCDAVh+a4n3y0 C9hSqBjwUn3CCifhrjNS6J5Qipie4qJYQ3yS0yG7qqMjR6Sx74c9bLlw7tLIHLbM387D lwwsiMPrHc2WVWmA2qkK2pzG9q7HwQG2LHrRefOy0xFp7yVUFJu9Cqt82MiuUFFgai/b ZxuQMb6REXTzM9HLFxJEF47tm8iok6LAwNMY4xT7UFjk5cSIThsWgbUsIqF4p7klXbvQ 64uw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:in-reply-to :mime-version:user-agent:date:message-id:from:cc:references:to :subject; bh=SdYwstb4nADVIvNP7jj5UV5PDkTzjR5jD/aFAZkgUiM=; b=uqRlcNjc46tbN3trPaRGtZDaypiOjrz8VzPLdv8yu6GCV+/XCNdtIWfE26MX+qGBo0 xVJQVxJ3S1byIxjr8bSHkEQQgD5Gf6DNP3hOYyzlkM3Mx1YRZdtslL6cfv53jIYtyoCV ZEnqJOFdiCmquNY6g+CaIabQ4OMx6B0jfq31H8BJS8s4f0Htgj9JNJTdKf+VEq/0Re25 esjmxnssZrwpYnmOv1twzFTWRGzoWvDmSOEQVPfdpJp1sT6oumvUJuwEC2163ZqwRXyN jjOh5w89Zl9qeZTbwnRUN1AFqE/160V/mO58MYgqnyOa8zQ5z6oyiNF9Wp3eoHepkO1M OUtA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id e14si1148605eja.454.2020.08.26.01.58.49; Wed, 26 Aug 2020 01:59:13 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727843AbgHZI4y (ORCPT + 99 others); Wed, 26 Aug 2020 04:56:54 -0400 Received: from szxga07-in.huawei.com ([45.249.212.35]:33544 "EHLO huawei.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1727793AbgHZI4x (ORCPT ); Wed, 26 Aug 2020 04:56:53 -0400 Received: from DGGEMS414-HUB.china.huawei.com (unknown [172.30.72.58]) by Forcepoint Email with ESMTP id A7F9DE2FCF4426178BA4; Wed, 26 Aug 2020 16:56:50 +0800 (CST) Received: from [127.0.0.1] (10.74.173.29) by DGGEMS414-HUB.china.huawei.com (10.3.19.214) with Microsoft SMTP Server id 14.3.487.0; Wed, 26 Aug 2020 16:56:40 +0800 Subject: Re: [PATCH RESEND 04/10] crypto: hisilicon/zip - replace 'sprintf' with 'scnprintf' To: David Laight , "herbert@gondor.apana.org.au" , "davem@davemloft.net" References: <1598238709-58699-1-git-send-email-shenyang39@huawei.com> <1598238709-58699-5-git-send-email-shenyang39@huawei.com> CC: "linux-kernel@vger.kernel.org" , "linux-crypto@vger.kernel.org" , "xuzaibo@huawei.com" , "wangzhou1@hisilicon.com" From: "shenyang (M)" Message-ID: Date: Wed, 26 Aug 2020 16:56:40 +0800 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.7.1 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset="utf-8"; format=flowed Content-Transfer-Encoding: 7bit X-Originating-IP: [10.74.173.29] X-CFilter-Loop: Reflected Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 2020/8/24 16:29, David Laight wrote: > From: Yang Shen >> Sent: 24 August 2020 04:12 >> >> Replace 'sprintf' with 'scnprintf' to avoid overrun. >> >> Signed-off-by: Yang Shen >> Reviewed-by: Zhou Wang >> --- >> drivers/crypto/hisilicon/zip/zip_main.c | 11 +++++++---- >> 1 file changed, 7 insertions(+), 4 deletions(-) >> >> diff --git a/drivers/crypto/hisilicon/zip/zip_main.c b/drivers/crypto/hisilicon/zip/zip_main.c >> index df1a16f..1883d1b 100644 >> --- a/drivers/crypto/hisilicon/zip/zip_main.c >> +++ b/drivers/crypto/hisilicon/zip/zip_main.c >> @@ -428,7 +428,7 @@ static ssize_t hisi_zip_ctrl_debug_read(struct file *filp, char __user *buf, >> return -EINVAL; >> } >> spin_unlock_irq(&file->lock); >> - ret = sprintf(tbuf, "%u\n", val); >> + ret = scnprintf(tbuf, HZIP_BUF_SIZE, "%u\n", val); > > Should that be sizeof (tbuf). > >> return simple_read_from_buffer(buf, count, pos, tbuf, ret); >> } >> >> @@ -514,13 +514,16 @@ static int hisi_zip_core_debug_init(struct hisi_qm *qm) >> struct debugfs_regset32 *regset; >> struct dentry *tmp_d; >> char buf[HZIP_BUF_SIZE]; >> - int i; >> + int i, ret; >> >> for (i = 0; i < HZIP_CORE_NUM; i++) { >> if (i < HZIP_COMP_CORE_NUM) >> - sprintf(buf, "comp_core%d", i); >> + ret = scnprintf(buf, HZIP_BUF_SIZE, "comp_core%d", i); >> else >> - sprintf(buf, "decomp_core%d", i - HZIP_COMP_CORE_NUM); >> + ret = scnprintf(buf, HZIP_BUF_SIZE, "decomp_core%d", >> + i - HZIP_COMP_CORE_NUM); >> + if (!ret) >> + return -ENOMEM; > > and that is just so wrong - did you even try to test > the 'buffer too small' code path? > > David > Do you means the check is unnecessary? Yang > - > Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK > Registration No: 1397386 (Wales) > > > . >