Received: by 2002:a05:6358:d09b:b0:dc:cd0c:909e with SMTP id jc27csp5876513rwb; Tue, 22 Nov 2022 06:08:37 -0800 (PST) X-Google-Smtp-Source: AA0mqf7yF33mdNLR4EsedbGv8KlUK618Fu+FRfSfy/fuSR3xEfM1G5T5u927PFtNhHx9Yj2hJ8Id X-Received: by 2002:aa7:86c7:0:b0:562:45f0:df50 with SMTP id h7-20020aa786c7000000b0056245f0df50mr4742040pfo.16.1669126117319; Tue, 22 Nov 2022 06:08:37 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1669126117; cv=none; d=google.com; s=arc-20160816; b=w7yMVd1VibV1kz5OtTuz9Dkmd+G/ZlqhcTXhbBOb+0g486AwmD9ZCaZP6fnOAF9F9t reYTubfph0qWKTa/8RxOB1fkPV8tTqT7X5ZWgQ/FFWY9Mzr6oCILJeT+PI+5EI8RdYKm iYsnBUmetfDEUU5HH2jxzfmWxpkOPE4T10jVyCEmMhdeHy/hEHFXMeY3U9AmYxY9sfJe wJJeSVPUVn9hz2HbiYaLbffXchB0Jh7MjnEBVX4PwIHVpuTiDi4e8Po1BLnL2oRJBkqr fijaeVBDGKmI0r42AEQVyQ3d72/ZZNTOWI41Nw7s9rygHNkqQpEVnspQIYn94ZlbxtA1 VbYA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from:dkim-signature; bh=1cRGGL/kLGljOEZTXyM0po699HUG3YBlqIEPDsuujzc=; b=AAAWgmeEYeyUyBQ8BTMCjoDd4H0Gpm6cXRpij1RVQ5bzp89LQ5Ip+Bs4QOylHgNqHw /7MIJvROCaqZuWxoJ5a7gKXEeOsgm7X1yWCNLJGQ6p4zVUpPRhQ0AkcQA2yzJ2B+6u25 nHkUYQ/677w6F4nJ0FKzCU4+yOQWT0956Mdvo3yx1AfYha6FW2CrBmsULJ3Gr/XbuYDC Uil/G28OmqnmzUlOKTMdyXvFb5h1BQRBZ2NuLhdQ79I1XOsjiJJqzxb+FDnmVVaxizMO wUUHn5opExfZz4eFjhA955rE91XyhDxntF3y91rTt7wqIZHjwVutJNx3bIh9QRw8uEts GlWA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@yandex.ru header.s=mail header.b=b7JrSEpO; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id i136-20020a62878e000000b00571d24aad85si13446042pfe.86.2022.11.22.06.08.24; Tue, 22 Nov 2022 06:08:37 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@yandex.ru header.s=mail header.b=b7JrSEpO; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232993AbiKVNNb (ORCPT + 90 others); Tue, 22 Nov 2022 08:13:31 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43010 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233368AbiKVNNP (ORCPT ); Tue, 22 Nov 2022 08:13:15 -0500 Received: from forward102o.mail.yandex.net (forward102o.mail.yandex.net [37.140.190.182]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id 93022E43 for ; Tue, 22 Nov 2022 05:13:13 -0800 (PST) Received: from iva6-2d18925256a6.qloud-c.yandex.net (iva6-2d18925256a6.qloud-c.yandex.net [IPv6:2a02:6b8:c0c:7594:0:640:2d18:9252]) by forward102o.mail.yandex.net (Yandex) with ESMTP id 9B4E06FF8662; Tue, 22 Nov 2022 16:04:58 +0300 (MSK) Received: by iva6-2d18925256a6.qloud-c.yandex.net (smtp/Yandex) with ESMTPSA id geBn8MwPXD-4vVS71lp; Tue, 22 Nov 2022 16:04:57 +0300 X-Yandex-Fwd: 1 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.ru; s=mail; t=1669122297; bh=1cRGGL/kLGljOEZTXyM0po699HUG3YBlqIEPDsuujzc=; h=Message-Id:Date:Cc:Subject:To:From; b=b7JrSEpOInh+WonMh4KYuKtr+RCXYQmr11SqVgF0VpX2x/dGpgTCFDLGp10MSR5rc h7q6QqqatP/BqE3lMaKY8qwocVMs3AL0y8UdIqxZmRcEWnrJtqXhNQiJ7dTfaKCkTo m1ZvuaoTl4GXAR1Ae+n3TFPyZT21flE9SJmCP8Wk= Authentication-Results: iva6-2d18925256a6.qloud-c.yandex.net; dkim=pass header.i=@yandex.ru From: Peter Kosyh To: Tariq Toukan , "David S. Miller" , Eric Dumazet Cc: Peter Kosyh , Jakub Kicinski , Paolo Abeni , netdev@vger.kernel.org, linux-rdma@vger.kernel.org, linux-kernel@vger.kernel.org, lvc-project@linuxtesting.org Subject: [PATCH] mlx4: use snprintf() instead of sprintf() for safety Date: Tue, 22 Nov 2022 16:04:53 +0300 Message-Id: <20221122130453.730657-1-pkosyh@yandex.ru> X-Mailer: git-send-email 2.38.1 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM,RCVD_IN_MSPIKE_H2, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Use snprintf() to avoid the potential buffer overflow. Although in the current code this is hardly possible, the safety is unclean. Found by Linux Verification Center (linuxtesting.org) with SVACE. Signed-off-by: Peter Kosyh --- drivers/net/ethernet/mellanox/mlx4/main.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/drivers/net/ethernet/mellanox/mlx4/main.c b/drivers/net/ethernet/mellanox/mlx4/main.c index d3fc86cd3c1d..0616d352451b 100644 --- a/drivers/net/ethernet/mellanox/mlx4/main.c +++ b/drivers/net/ethernet/mellanox/mlx4/main.c @@ -3057,7 +3057,8 @@ static int mlx4_init_port_info(struct mlx4_dev *dev, int port) info->base_qpn = mlx4_get_base_qpn(dev, port); } - sprintf(info->dev_name, "mlx4_port%d", port); + snprintf(info->dev_name, sizeof(info->dev_name), + "mlx4_port%d", port); info->port_attr.attr.name = info->dev_name; if (mlx4_is_mfunc(dev)) { info->port_attr.attr.mode = 0444; @@ -3077,7 +3078,8 @@ static int mlx4_init_port_info(struct mlx4_dev *dev, int port) return err; } - sprintf(info->dev_mtu_name, "mlx4_port%d_mtu", port); + snprintf(info->dev_mtu_name, sizeof(info->dev_mtu_name), + "mlx4_port%d_mtu", port); info->port_mtu_attr.attr.name = info->dev_mtu_name; if (mlx4_is_mfunc(dev)) { info->port_mtu_attr.attr.mode = 0444; -- 2.38.1