Revision ebfddb3d447f5267c76680ea4d242e6f9bcafa87 authored by Arnd Bergmann on 13 September 2017, 23:28:23 UTC, committed by Linus Torvalds on 14 September 2017, 01:53:15 UTC
gcc points out a minor bug in the handling of unknown cookie types,
which could result in a string overflow when the integer is copied into
a 3-byte string:
fs/fscache/object-list.c: In function 'fscache_objlist_show':
fs/fscache/object-list.c:265:19: error: 'sprintf' may write a terminating nul past the end of the destination [-Werror=format-overflow=]
sprintf(_type, "%02u", cookie->def->type);
^~~~~~
fs/fscache/object-list.c:265:4: note: 'sprintf' output between 3 and 4 bytes into a destination of size 3
This is currently harmless as no code sets a type other than 0 or 1, but
it makes sense to use snprintf() here to avoid overflowing the array if
that changes.
Link: http://lkml.kernel.org/r/20170714120720.906842-22-arnd@arndb.de
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
1 parent 8185f57
| File | Mode | Size |
|---|---|---|
| devices | ||
| joydev | ||
| conf.py | -rw-r--r-- | 225 bytes |
| event-codes.rst | -rw-r--r-- | 14.7 KB |
| ff.rst | -rw-r--r-- | 7.5 KB |
| gamepad.rst | -rw-r--r-- | 7.3 KB |
| gameport-programming.rst | -rw-r--r-- | 6.0 KB |
| index.rst | -rw-r--r-- | 254 bytes |
| input-programming.rst | -rw-r--r-- | 10.4 KB |
| input.rst | -rw-r--r-- | 8.9 KB |
| input_kapi.rst | -rw-r--r-- | 277 bytes |
| input_uapi.rst | -rw-r--r-- | 330 bytes |
| interactive.svg | -rw-r--r-- | 3.3 KB |
| multi-touch-protocol.rst | -rw-r--r-- | 17.2 KB |
| notifier.rst | -rw-r--r-- | 1.8 KB |
| shape.svg | -rw-r--r-- | 5.5 KB |
| uinput.rst | -rw-r--r-- | 6.6 KB |
| userio.rst | -rw-r--r-- | 2.9 KB |
Computing file changes ...
