Re: [PATCH] fs/orangefs: use snprintf() instead of sprintf()

From: Amir Mohammad Jahangirzad
Date: Sun Jun 22 2025 - 16:10:12 EST

Next message: Benno Lossin: "Re: [PATCH 4/4] rust: devres: implement register_foreign_release()"
Previous message: Kees Cook: "Re: [PATCH v3] net/9p: Fix buffer overflow in USB transport layer"
In reply to: Al Viro: "Re: [PATCH] fs/orangefs: use snprintf() instead of sprintf()"
Next in thread: Mike Marshall: "Re: [PATCH] fs/orangefs: use snprintf() instead of sprintf()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, Jun 22, 2025 at 10:18 PM Al Viro <viro@xxxxxxxxxxxxxxxxxx> wrote:
>
> On Sun, Jun 22, 2025 at 10:09:58PM +0330, Amir Mohammad Jahangirzad wrote:
>
> > > Replace sprintf() with snprintf() for copying the debug string
> > > into a temporary buffer, using ORANGEFS_MAX_DEBUG_STRING_LEN as
> > > the maximum size to ensure safe formatting and prevent memory
> > > corruption in edge cases.
>
> Out of curiosity - have you actually looked at the format used there?

No, I just found this through static analysis. Is there any issue with it?

Next message: Benno Lossin: "Re: [PATCH 4/4] rust: devres: implement register_foreign_release()"
Previous message: Kees Cook: "Re: [PATCH v3] net/9p: Fix buffer overflow in USB transport layer"
In reply to: Al Viro: "Re: [PATCH] fs/orangefs: use snprintf() instead of sprintf()"
Next in thread: Mike Marshall: "Re: [PATCH] fs/orangefs: use snprintf() instead of sprintf()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]