bug-hurd
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[patch #3350] printk may cause buffer overruns

From: Marcus Brinkmann
Subject: [patch #3350] printk may cause buffer overruns
Date: Tue, 07 Dec 2004 09:27:59 -0500
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6) Gecko/20040413 Galeon/1.3.15 (Debian package 1.3.15-2) 
This mail is an automated notification from the patch tracker
 of the project: The GNU Hurd.

/**************************************************************************/
[patch #3350] Latest Modifications:

Changes by: 
                Marcus Brinkmann <marcus@gnu.org>
'Date: 
                Tue 12/07/04 at 14:17 (Europe/Berlin)

            What     | Removed                   | Added
---------------------------------------------------------------------------
          Resolution | None                      | Applied
         Assigned to | None                      | ams
              Status | Open                      | Closed


------------------ Additional Follow-up Comments ----------------------------
Committed by Alfred 2004-12-05.






/**************************************************************************/
[patch #3350] Full Item Snapshot:

URL: <http://savannah.gnu.org/patch/?func=detailitem&item_id=3350>
Project: The GNU Hurd
Submitted by: Neal H. Walfield
On: Wed 09/08/04 at 10:36

Category:  GNU Mach
Priority:  5 - Normal
Resolution:  Applied
Privacy:  Public
Assigned to:  ams
Originator Email:  
Status:  Closed


Summary:  printk may cause buffer overruns

Original Submission:  The implementation of printk in linux/dev/kernel/printk.c 
assumes that
the formatted string is less than sizeof (buf) - 3 (BUF being a statically
allocated string of 2048 bytes).  Code in Linux violates this assumption.
For instance, linux/src/drivers/pci/pci.c:pci_init which prints out the
pci bus topography if debugging is enabled.  I looked at writing a
linux_vsnprintf to replace the linux_vsprintf, however, the code is a mess
and the Mach printf code is much easier to work with (kern/printf.c).
Hence, I modified that.

Thanks.

2004-09-08  Neal H. Walfield  <neal@cs.uml.edu>

        * linux/dev/kernel/printk.c: Include <kern/assert.h>.
        (printk): Use vsnprintf, not linux_vsprintf to avoid buffer
        overruns.

        * kern/printf.c (struct vsnprintf_cookie): New structure.
        (snputc): New function.
        (vsnprintf): Likewise.



Follow-up Comments
------------------


-------------------------------------------------------
Date: Tue 12/07/04 at 14:17         By: Marcus Brinkmann <marcus>
Committed by Alfred 2004-12-05.






File Attachments
-------------------

-------------------------------------------------------
Date: Wed 09/08/04 at 10:36  Name: printf.diff  Size: 2.18KB   By: neal

http://savannah.gnu.org/patch/download.php?item_id=3350&amp;item_file_id=3650






For detailed info, follow this link:
<http://savannah.gnu.org/patch/?func=detailitem&item_id=3350>

_______________________________________________
  Message sent via/by Savannah
  http://savannah.gnu.org/
reply via email to
[Prev in Thread] Current Thread [Next in Thread]