Xen project Mailing List

[Xen-devel] [PATCH 3/7] tools/blktap2: fix hypothetical buffer overflow

From: Marek Marczykowski-Górecki <marmarek@xxxxxxxxxxxxxxxxxxxxxx>

Date: Thu, 5 Apr 2018 03:50:51 +0200

Cc: Wei Liu <wei.liu2@xxxxxxxxxx>, Ian Jackson <ian.jackson@xxxxxxxxxxxxx>, Marek Marczykowski-Górecki <marmarek@xxxxxxxxxxxxxxxxxxxxxx>

Delivery-date: Thu, 05 Apr 2018 01:51:47 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

gcc-8 complains: vhd-util-read.c: In function 'vhd_util_read': vhd-util-read.c:50:24: error: '%lu' directive output may be truncated writing between 1 and 20 bytes into a region of size 15 [-Werror=format-truncation=] snprintf(nbuf, nsize, "%" PRIu64, num); ^~~ vhd-util-read.c:50:25: note: format string is defined here snprintf(nbuf, nsize, "%" PRIu64, num); vhd-util-read.c:50:24: note: directive argument in the range [0, 18446744073709551614] snprintf(nbuf, nsize, "%" PRIu64, num); ^~~ vhd-util-read.c:50:2: note: 'snprintf' output between 2 and 21 bytes into a destination of size 15 snprintf(nbuf, nsize, "%" PRIu64, num); ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ vhd-util-read.c:43:24: error: '%#lx' directive output may be truncated writing between 1 and 18 bytes into a region of size 15 [-Werror=format-truncation=] snprintf(nbuf, nsize, "%#" PRIx64 , num); ^~~~ vhd-util-read.c:43:25: note: format string is defined here snprintf(nbuf, nsize, "%#" PRIx64 , num); vhd-util-read.c:43:24: note: directive argument in the range [0, 18446744073709551614] snprintf(nbuf, nsize, "%#" PRIx64 , num); ^~~~ vhd-util-read.c:43:2: note: 'snprintf' output between 2 and 19 bytes into a destination of size 15 snprintf(nbuf, nsize, "%#" PRIx64 , num); ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Make the buffer larger. Signed-off-by: Marek Marczykowski-Górecki <marmarek@xxxxxxxxxxxxxxxxxxxxxx> --- tools/blktap2/vhd/lib/vhd-util-read.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/blktap2/vhd/lib/vhd-util-read.c b/tools/blktap2/vhd/lib/vhd-util-read.c index ac4d833..f290661 100644 --- a/tools/blktap2/vhd/lib/vhd-util-read.c +++ b/tools/blktap2/vhd/lib/vhd-util-read.c @@ -34,7 +34,7 @@ #include "libvhd.h" #include "vhd-util.h" -#define nsize 15 +#define nsize 24 static char nbuf[nsize]; static inline char * -- git-series 0.9.1 _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxxx https://lists.xenproject.org/mailman/listinfo/xen-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.