Re: Coverity: console_prepend_dropped(): Memory - corruptions

From: Sergey Senozhatsky
Date: Tue Jan 17 2023 - 02:52:07 EST

Next message: Christoph Hellwig: "Re: [PATCH v6 01/34] vfs: Unconditionally set IOCB_WRITE in call_write_iter()"
Previous message: Krzysztof Kozlowski: "Re: [PATCH 2/6] arm64: dts: qcom: sdm845: move WCD9340 codec to separate file"
In reply to: John Ogness: "Re: Coverity: console_prepend_dropped(): Memory - corruptions"
Next in thread: Petr Mladek: "Re: Coverity: console_prepend_dropped(): Memory - corruptions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On (23/01/17 08:16), John Ogness wrote:
> On 2023-01-17, Sergey Senozhatsky <senozhatsky@xxxxxxxxxxxx> wrote:
> > On (23/01/16 17:35), Petr Mladek wrote:
> >> len = snprintf(scratchbuf, scratchbuf_sz,
> >> "** %lu printk messages dropped **\n", dropped);
> >
> > Wouldn't
> >
> > if (WARN_ON_ONCE(len + PRINTK_PREFIX_MAX >= outbuf_sz))
> > return;
> >
> > prevent us from doing something harmful?
>
> Sure. But @0len is supposed to contain the number of bytes in
> @scratchbuf, which theoretically it does not. snprintf() is the wrong
> function to use here, even if there is not real danger in this
> situation.

Oh, yes, I agree that snprintf() should be replaced. Maybe we can go
even a bit furhter and replace all snprintf()-s in kernel/printk/*
(well, in a similar fashion, just in case). I'm just trying to understand
what type of assumptions does coverity make here and so far everything
looks rather peculiar.

Next message: Christoph Hellwig: "Re: [PATCH v6 01/34] vfs: Unconditionally set IOCB_WRITE in call_write_iter()"
Previous message: Krzysztof Kozlowski: "Re: [PATCH 2/6] arm64: dts: qcom: sdm845: move WCD9340 codec to separate file"
In reply to: John Ogness: "Re: Coverity: console_prepend_dropped(): Memory - corruptions"
Next in thread: Petr Mladek: "Re: Coverity: console_prepend_dropped(): Memory - corruptions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]