From patchwork Fri Oct 4 02:59:30 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Paulo Miguel Almeida X-Patchwork-Id: 13821761 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id E147BCF856A for ; Fri, 4 Oct 2024 03:01:10 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Type:MIME-Version: Message-ID:Subject:Cc:To:From:Date:Reply-To:Content-Transfer-Encoding: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Owner; bh=Q3NU33QKfsB47hS4uf2RyTU4prcTlzS/YFj3Qi75XHY=; b=y9XZnvxfO4IcgYH6pmsQa+Kw8M +6CtOZVc4lrrY+hMLW8va1pT6ipwNdbsswUUiixi2vlph2TXyYdYxki/M/4lQI4pLaGcRHEGX1OHV tme1hM27p3RJJQFzSDe/Py4vwD1tkyvhxbVJbHOwmEtc5n2vpzg3WmdK4PkLS7AyilmALN+oHIe5i nxubKQXSx1WODpeDWzoTyFhNiXUptF9aE38Z+OzeI1w8j6S21RKSpKScXn3GJz4mXVw4uuPkD/kF1 gV/zDn4dW2CELeHFoisoFC0RXwPp7mjDiv0telM+vc6G4nbbTifH/TGCMQAs8+XJj8YpbZCgiTuok Q3o+LbGg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1swYYs-0000000AuJB-0b4M; Fri, 04 Oct 2024 03:00:58 +0000 Received: from mail-pl1-x632.google.com ([2607:f8b0:4864:20::632]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1swYXa-0000000Au8G-12Qz for linux-arm-kernel@lists.infradead.org; Fri, 04 Oct 2024 02:59:40 +0000 Received: by mail-pl1-x632.google.com with SMTP id d9443c01a7336-20b7463dd89so18210115ad.2 for ; Thu, 03 Oct 2024 19:59:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1728010777; x=1728615577; darn=lists.infradead.org; h=content-disposition:mime-version:message-id:subject:cc:to:from:date :from:to:cc:subject:date:message-id:reply-to; bh=Q3NU33QKfsB47hS4uf2RyTU4prcTlzS/YFj3Qi75XHY=; b=MXxO9A9c0ZUhdw77x7SDPPV7CwMlI9yjuSg9tPCpjxY/IOndyW/2ufjNSUQyhCkheT 3nDYXn/5qQFqXy4ncCE+qxYy1OnENwNkIVXqzgTB8Bigy61ZavOLRwmhAKSCrXrHcsf6 a6kOqls+sdzgJczx8sHkohBNbhnXFzok7vpyfEDxC0Q24qsAF8Azmfww2LhXiSm+6lTe lzktt/cSLfZsru5wqirEAT2E33n26R0X9oV2MZ35C34DL2BzFy+F3PjLRDxeaUbcwhSf xnmzM7cL4MRVHilee+TrfRAgZu57nBzYApy0Vmv29UkAn7jA0clds3K6yDj1QhvKIm4T xULQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1728010777; x=1728615577; h=content-disposition:mime-version:message-id:subject:cc:to:from:date :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=Q3NU33QKfsB47hS4uf2RyTU4prcTlzS/YFj3Qi75XHY=; b=m2wFwvAqOpcgEEeTlF8lG2QZHp1oHRjQX/L3SXbaTK21Slsrph0sAvRx7sIT1ub0cQ 23evB8JSMDHXyx8hSjjNgzVyHm9BUhF9R2dmjloA+//0FOPh4xTzZX5BNYTtCRgtoCVX yCjX7MSKX6K/mcQkOTY889/KsnIWaRj0GoNcWc8IxGWhqURpQs2noaz5x6jIXZ5PE2e/ KfcEQ/IeWpdLyVjNjqfr22EeFxt5K6FTatQsfNhUrLMV1WU9SxdIOqNcL6Xwddca6G2n ZQAuyKiWwBQCEX07Ovyga/ShUXN9KCoXVDdLrfGoPrhKIShsujHAja2iwj4WJE/OwNYJ xd0Q== X-Forwarded-Encrypted: i=1; AJvYcCUUQZOMaGuZYz1xduZ+B/CpJRLDm8xJfnd3l1Rh6xq2OMqIgt8+CiR7gzXXMCieoQfQ8ts7ZccgriXrcheYASSF@lists.infradead.org X-Gm-Message-State: AOJu0YxPtXlQDrOOo/jrbL7BG13jaWKxqcU4lOGw1Wz2L4sGul+tIO/K Lk5l9+/VUOoiQgWUkDyTnlGyuP3nOBUqgMYdoER25CS/1cqQATvDBBs/dg== X-Google-Smtp-Source: AGHT+IH2+nbgvbeYemeG2wYutlDVYsTdoTHTGCYG8oK7AV3Pye0F2DtCF+aaFGmh2ybEkU4bzCPPkw== X-Received: by 2002:a17:902:c94e:b0:20b:b479:94dc with SMTP id d9443c01a7336-20bfdf6aef8mr21467915ad.8.1728010776610; Thu, 03 Oct 2024 19:59:36 -0700 (PDT) Received: from mail.google.com (125-239-144-11-fibre.sparkbb.co.nz. [125.239.144.11]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-20bef706fa1sm15363755ad.264.2024.10.03.19.59.33 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 03 Oct 2024 19:59:36 -0700 (PDT) Date: Fri, 4 Oct 2024 15:59:30 +1300 From: Paulo Miguel Almeida To: linux@armlinux.org.uk, linux-arm-kernel@lists.infradead.org Cc: paulo.miguel.almeida.rodenas@gmail.com, linux-hardening@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH] [next] ARM: Replace snprintf() with the safer scnprintf() variant Message-ID: MIME-Version: 1.0 Content-Disposition: inline X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20241003_195938_312495_2B402685 X-CRM114-Status: GOOD ( 11.86 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org There is a general misunderstanding amongst engineers that {v}snprintf() returns the length of the data *actually* encoded into the destination array. However, as per the C99 standard {v}snprintf() really returns the length of the data that *would have been* written if there were enough space for it. This misunderstanding has led to buffer-overruns in the past. It's generally considered safer to use the {v}scnprintf() variants in their place (or even sprintf() in simple cases). Link: https://lwn.net/Articles/69419/ Link: https://github.com/KSPP/linux/issues/105 Signed-off-by: Paulo Miguel Almeida --- arch/arm/kernel/process.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/arch/arm/kernel/process.c b/arch/arm/kernel/process.c index e16ed102960c..9d768a93fb1c 100644 --- a/arch/arm/kernel/process.c +++ b/arch/arm/kernel/process.c @@ -186,8 +186,8 @@ void __show_regs(struct pt_regs *regs) unsigned int transbase; asm("mrc p15, 0, %0, c2, c0\n\t" : "=r" (transbase)); - snprintf(buf, sizeof(buf), " Table: %08x DAC: %08x", - transbase, domain); + scnprintf(buf, sizeof(buf), " Table: %08x DAC: %08x", + transbase, domain); } #endif asm("mrc p15, 0, %0, c1, c0\n" : "=r" (ctrl));