Received: by 2002:ab2:6991:0:b0:1f7:f6c3:9cb1 with SMTP id v17csp335911lqo; Wed, 8 May 2024 00:49:09 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCW+xCyel+cKl7MJQQgC0jMt/cSO8XoVYlrj9VK79uCFBW3orCaNh5ppan36OLmtqP27V2OjZKm1urF3smBtBwwV+GzjuxLaNeIzrLoi3g== X-Google-Smtp-Source: AGHT+IGAva5CzOGZkLHVEpXK77RKJLMhl9UiSNRqQ0Z1QO02dkIzjJdP41M50rT77teJKR7rnWLC X-Received: by 2002:a17:906:f203:b0:a59:b6e8:9ded with SMTP id a640c23a62f3a-a59fb9b8788mr95767766b.59.1715154549795; Wed, 08 May 2024 00:49:09 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1715154549; cv=pass; d=google.com; s=arc-20160816; b=EjZiGa/CytAabHu01Wbb7LwUt7/6gsvMMKM3qbsVvFHWhq0WCWa2Hzcpz2zPPwwDgd +fBJLhA1O4tLhgR2Q4Y7gKeeEW8C3brYBQRyZiyA9pBHXaOwupNKe9mL5kNYo2PM9PA6 /m8gcXc69oKz5C4n5LCi8j1jKTQavhc3sKDt9awoUZX0Guh29bf8iZGNLgGFHFlfjE3Z MwrhQZ9qIAjFMnRAr8YUQqQO1F8+9AB1QmkY++6/CJ80UkJLAuqykxBCknoLAu00Afvj 37kVqiMacky48XfQB20dnnmplEntuctruVhXueaQV7RUP4Fqd952Xyab78ac809S01BG 2JkQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:in-reply-to:from:content-language :references:cc:to:subject:user-agent:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:date:message-id; bh=MmLhDLEbQWMnT0//LtWrCQUQbiuEglzaZJL+YZYy2Po=; fh=De1alPuR9X2mkrold7jCggkdWLzM6X2VJxcP5Z0HQiQ=; b=Lop43cvPaImVvxYwsjBGuB/roYlYLlDUdYHdF2OpzmB0iWZE7jUrvHiHwd3mhXhS1O BbkkYF+py0m4nQlD7qULGPqS0Ov9cTEPhO9Rim5WboZYB9uS9MU4hpaQH0QPuU3qCi2N BUPWlp6s17+2nZULJysoiUWMN36gG8/j3xW9sXPzEiggd9yb2zLWzHxeXMet0ybZXtsD tSH6uspszRzWL3H3sofrlfq5b0SijqulZM1j7l0FnpHXFMHcfRvphn9qshwGiPBSk7Lg OxFmSfpv3k0LE1tJdeBjPT900g8EBvpykIZoWQxnUcHUkksIJSVv1t5mePtnvOZ+xhjP JH+g==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; arc=pass (i=1 spf=pass spfdomain=gmail.com); spf=pass (google.com: domain of linux-kernel+bounces-172854-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-kernel+bounces-172854-linux.lists.archive=gmail.com@vger.kernel.org" Return-Path: Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [147.75.80.249]) by mx.google.com with ESMTPS id js14-20020a17090797ce00b00a59d672b9b4si2785641ejc.856.2024.05.08.00.49.09 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 08 May 2024 00:49:09 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-172854-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) client-ip=147.75.80.249; Authentication-Results: mx.google.com; arc=pass (i=1 spf=pass spfdomain=gmail.com); spf=pass (google.com: domain of linux-kernel+bounces-172854-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-kernel+bounces-172854-linux.lists.archive=gmail.com@vger.kernel.org" Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id 8622F1F213E0 for ; Wed, 8 May 2024 07:49:09 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 31FF836B08; Wed, 8 May 2024 07:49:01 +0000 (UTC) Received: from mail-wm1-f54.google.com (mail-wm1-f54.google.com [209.85.128.54]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 363572C86A; Wed, 8 May 2024 07:48:58 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.54 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1715154540; cv=none; b=hn9aYXvHe/MY4WFQP4sT9m9JWifWewnlSe3JtKCsAf2MEgQHZziPB93vV4uSKnOJ44bFNbs2b0HuvAAuhU2hGuP9kEEzMSYsyXAWR/bCNrRAP/YEPxd9ywTwUVToHcsvmXHwIIyyyl6d4405Y9Q1QIOj8wusLB3xBgx6RzkP+kc= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1715154540; c=relaxed/simple; bh=UNGBSeWj3kAH9AELmuz/k/gmtKWSoXSE1ObAtSSeO60=; h=Message-ID:Date:MIME-Version:Subject:To:Cc:References:From: In-Reply-To:Content-Type; b=bYz6JbwUS6pj109EwfPSspIZcYrpomo3f0b1jhAWEVjuxHCj7FhfStqKyH8FbWYYPyb0CHNnly4GTSpgXE/cXV3r2CFy1xLU+hgLgA15HjhxqyeC8wv8ww9xDRTyA6y/Qj98mbSOjvM10eORx2s7LaDtyhhKwhDxIFONZrOltlw= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=grimberg.me; spf=pass smtp.mailfrom=gmail.com; arc=none smtp.client-ip=209.85.128.54 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=grimberg.me Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Received: by mail-wm1-f54.google.com with SMTP id 5b1f17b1804b1-41bd8bdd065so5417355e9.3; Wed, 08 May 2024 00:48:58 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1715154537; x=1715759337; h=content-transfer-encoding:in-reply-to:from:content-language :references:cc:to:subject:user-agent:mime-version:date:message-id :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=MmLhDLEbQWMnT0//LtWrCQUQbiuEglzaZJL+YZYy2Po=; b=LLlDwucRz53E/4B7a7OuMT3ADBXX0asqsNBl809xR65QaFagtLItgrvj3iVS0Cnhus 78F6jBEKSPUFtgvHT6EVRUuoZjUObjPbnId4FpIoLHkJCRnzhrGqbO1ZAv5S8aqJ2fVL gLZl16b0JAVid88GfaOGFl64kuKTlywVOGuXGPBrYsBPaT97ld3s0qRU2PLjc3o3AALA xSr5HFI8PnkR49UzOM4V1kKERn4Olhipd0fE156eavALV9hj65dRkMFgR91XkIYkUzKW B8JLu101oBbUV9U45VqzPrXx4rttKQ6NZMSCMQ2s9D4oi2js5DSbwtDnpJ067WKEIYaA 78Gw== X-Forwarded-Encrypted: i=1; AJvYcCVgLCHUJq3DAjn9p5QJbVZxExdne7jkvpGk0egtamXFSBVI5te5YKSsK4BngX4feJaHQSm7+NhZ01Ea75nUQNvq1mqBGTUQt/dkCCniobIyLUC1wzwN1A5Si7dUiG5ZOtShnbbOAfj/EB/w6w76 X-Gm-Message-State: AOJu0YzTkBhuTVuvJKZITOKNIsP5zmhKWorENT28Lqk0zsqJgoZuKXZZ +2V82nxtx/fdLdT0cBYs4XPgPCelrLUe2/7qYpSf7rvs/mN3zqms X-Received: by 2002:a5d:4a4f:0:b0:34f:4e00:876f with SMTP id ffacd0b85a97d-34fca8104bfmr1476690f8f.1.1715154537202; Wed, 08 May 2024 00:48:57 -0700 (PDT) Received: from [10.50.4.180] (bzq-84-110-32-226.static-ip.bezeqint.net. [84.110.32.226]) by smtp.gmail.com with ESMTPSA id q27-20020adfab1b000000b0034e24be18a1sm14783292wrc.15.2024.05.08.00.48.56 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 08 May 2024 00:48:56 -0700 (PDT) Message-ID: <80d7474a-3a94-44a9-8e82-5831f1961ef5@grimberg.me> Date: Wed, 8 May 2024 10:48:55 +0300 Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH] nvmet: prevent sprintf() overflow in nvmet_subsys_nsid_exists() To: Dan Carpenter Cc: Christoph Hellwig , Chaitanya Kulkarni , Keith Busch , linux-nvme@lists.infradead.org, linux-kernel@vger.kernel.org, kernel-janitors@vger.kernel.org References: <25e9c58d-d192-4a91-ad40-4c2ea01fbdf5@moroto.mountain> Content-Language: he-IL, en-US From: Sagi Grimberg In-Reply-To: <25e9c58d-d192-4a91-ad40-4c2ea01fbdf5@moroto.mountain> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit On 08/05/2024 10:43, Dan Carpenter wrote: > The nsid value is a u32 that comes from nvmet_req_find_ns(). It's > endian data and we're on an error path and both of those raise red > flags. So let's make this safer. > > 1) Make the buffer large enough for any u32. > 2) Remove the unnecessary initialization. > 3) Use snprintf() instead of sprintf() for even more safety. > 4) The sprintf() function returns the number of bytes printed, not > counting the NUL terminator. It is impossible for the return value to > be <= 0 so delete that. > > Fixes: 505363957fad ("nvmet: fix nvme status code when namespace is disabled") > Signed-off-by: Dan Carpenter Reviewed-by: Sagi Grimberg