Received: by 2002:a89:288:0:b0:1f7:eeee:6653 with SMTP id j8csp401719lqh; Tue, 7 May 2024 02:43:49 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCWWRAug691t5917wNcr6NQ5GqErW3/PTLha6Feminv1bDnhsk8QxM00q22e5dacjVMifL2zzEXPEOMOgb/FBpmhBrhVFP8QuWRDymUkKw== X-Google-Smtp-Source: AGHT+IHEx3AzrGx5OJnrJ1jbwtPTMqsJtDlh9QP3EuyISshN3hDlFlxBpqhQJVGSCxUHxCqN+ox+ X-Received: by 2002:a05:6a00:1943:b0:6f3:e6e0:d9f3 with SMTP id s3-20020a056a00194300b006f3e6e0d9f3mr13397829pfk.31.1715075029163; Tue, 07 May 2024 02:43:49 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1715075029; cv=pass; d=google.com; s=arc-20160816; b=R/LUr29YpSMx8PVXQ1c28v2bmxC/8ITAS73/KCYKHUBb/Bcs8kUV9E/HAENgl5tz/x zbcxfTa+JJ9jmzO6p9VLEl7r8fhoZ/7Z8+qBMnpSVrFkWKXlooukMxbr/9X5pXfSsWb+ zhhrlRamLOX9LBjmTEvQWN9tQNa1i/Y5DPZAb3wJHrlJie0jkj28mGg4dKsAKck6KWoh Q5FcnJKjIo+zblRUnQ2twJ25jAg5sKA5FPSNmQqX9ILEgycuLFpOqQo96o7wHCs7FWvG xkyrbjX7PP5q5QgjC05hyo4telp2hZ/Z/evBYGTMSujsOPn/CA9rApdL/WrI83WZ6lJQ IgyA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:in-reply-to:message-id :date:subject:cc:to:from:dkim-signature; bh=6Wzg2EFUCtxRH8etUmXaucx3Z1jVpwcvQQv3pqRMexI=; fh=BofisjvxW35hSVnf1OkS8np3x1tFrrT8C5JfJchAYjg=; b=xrs+kcsQ4y7JQhUczK3haA+bCrNUocUaUFw+lB464t0RUd+ijJmxJU7Dkmh/YIrFdn Fg4ixwd8XbSFA9qN0Y3qddncDbGyDD3d2jvhE3ia14YLridGE0j3DQc498x/n61EvdZl L2UjwM37Cfl9iZeLdtZd+mTQRv2oy5IpbmhZICK49kdX3bRXmH+22NFu9+RLBp/3nvJf cJmyjZu1HNbp+KDcjivEWKmc6LwrRyndmW35VfpbIDiWr+V4K7GS2NPJ4zbmokSvw5MH I0bOrcmO+2X/Pz2uXtA4F0TrinueGk3UFRHyRwyy+ROxooNoX8Vczhq2NE5S11//I2XD vHKg==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@gmail.com header.s=20230601 header.b=XsC5mSFE; arc=pass (i=1 spf=pass spfdomain=gmail.com dkim=pass dkdomain=gmail.com dmarc=pass fromdomain=gmail.com); spf=pass (google.com: domain of linux-kernel+bounces-170993-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-170993-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [2604:1380:45e3:2400::1]) by mx.google.com with ESMTPS id t35-20020a056a0013a300b006eadf481e9bsi8133262pfg.13.2024.05.07.02.43.48 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 07 May 2024 02:43:49 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-170993-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) client-ip=2604:1380:45e3:2400::1; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20230601 header.b=XsC5mSFE; arc=pass (i=1 spf=pass spfdomain=gmail.com dkim=pass dkdomain=gmail.com dmarc=pass fromdomain=gmail.com); spf=pass (google.com: domain of linux-kernel+bounces-170993-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-170993-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id 803DB283B39 for ; Tue, 7 May 2024 09:43:31 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 3EE2A161327; Tue, 7 May 2024 09:36:14 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="XsC5mSFE" Received: from mail-lj1-f171.google.com (mail-lj1-f171.google.com [209.85.208.171]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 794DE14E2F0; Tue, 7 May 2024 09:36:06 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.208.171 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1715074572; cv=none; b=jPDUisMyCUSVhpES+1KxtoAHdZeoFqabMN7ps2P6Lw22O3ddK0M43vkwefPgFVYANkR3qVey7V18NauJykXGn2Mo3tfVNdxY/BdyPmtqjRGdJJAgqyhTMV47k/5F8GbkvtUqfyDzd0W134LABJ9OpZmLsuKpRjrfFYyqxAsG6ZE= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1715074572; c=relaxed/simple; bh=ZonPLdD8zHKArk7jKUAil4WyUpljr0gYV6ie6TPJnnk=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=MfjvyayXMPlpHk0BrPHz2nxAwleBPQnFS0BBzykZQs8BgVBGxhcS1N/J82XNTm+ctyaokJsm79a0RfMuvwFYbNDKDGZydnar26yV84gSQmxyRhf9Ej2d1D+IfSSO5B5uzvCsWuJypDS2P1NRoz3UBLEcQOIw6SnWEhjRej7douE= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=XsC5mSFE; arc=none smtp.client-ip=209.85.208.171 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Received: by mail-lj1-f171.google.com with SMTP id 38308e7fff4ca-2dac77cdf43so37620041fa.2; Tue, 07 May 2024 02:36:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1715074565; x=1715679365; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=6Wzg2EFUCtxRH8etUmXaucx3Z1jVpwcvQQv3pqRMexI=; b=XsC5mSFEsLRULTfr8tc4RBdISh+sjnmB25vQ9unNY+9BK7vR3I/ojNqjY+AoI9Pqho PnWKZTf4iyAqWvQtwzzPS7363UFzuSFB+85TwhKD+TzfF+RhGx6+rmggNRycNxnvdjv4 fOdm9QjayDMgT3Wg2aSDjQbW34D+eOKgSUJgjGf2XsgIFr7rFY9MELljGqPZNHx1PYX9 r+O/VqhytIFxCLt3p+Z1qgfCHWHRdWo8HrgDi90zaec2sRSKSRolIA4cxQvAcefRNu+b rYv0JQiNMcpKKfLSf3kZkD70itLtiVuxpK/70rsiBnPA98e2Dj7RXgZgo0NvF/aC0Gm0 Dbig== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1715074565; x=1715679365; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=6Wzg2EFUCtxRH8etUmXaucx3Z1jVpwcvQQv3pqRMexI=; b=otFYN+LQ1+nYS+WIvvsvJK/sSeWAk3T0fQ0XZzYRQMGy5sD9dFjyW1qEsm+un0va6z toLdDopYwhKt94jqE2g/wUJgvj+1I8LihVvyT1B8pT8X3OvXDchYEP0VWFSlSfPz4V+R 1oXanZ1bA5qxJ7SsMaNeVfsoeqD77inDkwGHN3cK5AMhdDAk4FpISjVtEqkHN46merE7 mRZTBLlcYqj59TlVRAFiHtslcCwPrkQStIv3ww2wKmDl5Wi7fWUnCx0gEy5pKqIkzJY1 5IbE7S+tRWQv4b4QA9OgCpDDLC6UyaXgASOBAVsqo03BqBA8r/bF/yckGnnYxpOSeFPR qOXA== X-Forwarded-Encrypted: i=1; AJvYcCUFKWSsYmI15iNAvxr4XKile+jlW2MMHgZs+E4V9LXhPIKTvK/Dl7rVzIcYewStfM9HtZGvgMMKYWj90H1RoMQb5tV/UW6VdItw8z29 X-Gm-Message-State: AOJu0Yxhjra6H70GJoQK0zhbqOZKi+R7Ft5Zu7Wnx8gDTHKlYCtsMbBe VNabjkgGqyV6wu5nWSd1SI5JzPD0TWk/d9xfQ8xxQKONk9oWFvjr X-Received: by 2002:a2e:80d3:0:b0:2e0:c689:f8cd with SMTP id r19-20020a2e80d3000000b002e0c689f8cdmr8710468ljg.29.1715074564625; Tue, 07 May 2024 02:36:04 -0700 (PDT) Received: from pc638.lan (host-185-121-47-193.sydskane.nu. [185.121.47.193]) by smtp.gmail.com with ESMTPSA id t18-20020a2e9d12000000b002e29c50c4dcsm1335473lji.27.2024.05.07.02.36.03 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 07 May 2024 02:36:04 -0700 (PDT) From: "Uladzislau Rezki (Sony)" To: "Paul E . McKenney" Cc: RCU , Neeraj upadhyay , Boqun Feng , Hillf Danton , Joel Fernandes , LKML , Uladzislau Rezki , Oleksiy Avramchenko , Frederic Weisbecker , Nikita Kiryushin , Steven Rostedt Subject: [PATCH 32/48] rcu-tasks: Fix show_rcu_tasks_trace_gp_kthread buffer overflow Date: Tue, 7 May 2024 11:35:14 +0200 Message-Id: <20240507093530.3043-33-urezki@gmail.com> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20240507093530.3043-1-urezki@gmail.com> References: <20240507093530.3043-1-urezki@gmail.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit From: Nikita Kiryushin There is a possibility of buffer overflow in show_rcu_tasks_trace_gp_kthread() if counters, passed to sprintf() are huge. Counter numbers, needed for this are unrealistically high, but buffer overflow is still possible. Use snprintf() with buffer size instead of sprintf(). Found by Linux Verification Center (linuxtesting.org) with SVACE. Fixes: edf3775f0ad6 ("rcu-tasks: Add count for idle tasks on offline CPUs") Signed-off-by: Nikita Kiryushin Reviewed-by: Steven Rostedt (Google) Signed-off-by: Paul E. McKenney Signed-off-by: Uladzislau Rezki (Sony) --- kernel/rcu/tasks.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kernel/rcu/tasks.h b/kernel/rcu/tasks.h index d5319bbe8c98..08a92bffeb84 100644 --- a/kernel/rcu/tasks.h +++ b/kernel/rcu/tasks.h @@ -1997,7 +1997,7 @@ void show_rcu_tasks_trace_gp_kthread(void) { char buf[64]; - sprintf(buf, "N%lu h:%lu/%lu/%lu", + snprintf(buf, sizeof(buf), "N%lu h:%lu/%lu/%lu", data_race(n_trc_holdouts), data_race(n_heavy_reader_ofl_updates), data_race(n_heavy_reader_updates), -- 2.39.2