[PATCH 2/5] kallsyms: replace sprintf with scnprintf
Maninder Singh
maninder1.s at samsung.com
Fri May 20 18:36:58 AEST 2022
replace sprintf API with scnprintf which prevents buffer overflow.
Co-developed-by: Onkarnath <onkarnath.1 at samsung.com>
Signed-off-by: Onkarnath <onkarnath.1 at samsung.com>
Signed-off-by: Maninder Singh <maninder1.s at samsung.com>
---
kernel/kallsyms.c | 13 +++++++------
1 file changed, 7 insertions(+), 6 deletions(-)
diff --git a/kernel/kallsyms.c b/kernel/kallsyms.c
index f354378e241f..9e4316fe0ba1 100644
--- a/kernel/kallsyms.c
+++ b/kernel/kallsyms.c
@@ -472,28 +472,29 @@ static int __sprint_symbol(char *buffer, size_t buf_size, unsigned long address,
name = kallsyms_lookup_buildid(address, &size, &offset, &modname, &buildid,
buffer);
if (!name)
- return sprintf(buffer, "0x%lx", address - symbol_offset);
+ return scnprintf(buffer, buf_size, "0x%lx", address - symbol_offset);
if (name != buffer)
- strcpy(buffer, name);
+ strncpy(buffer, name, buf_size);
+
len = strlen(buffer);
offset -= symbol_offset;
if (add_offset)
- len += sprintf(buffer + len, "+%#lx/%#lx", offset, size);
+ len += scnprintf(buffer + len, buf_size - len, "+%#lx/%#lx", offset, size);
if (modname) {
- len += sprintf(buffer + len, " [%s", modname);
+ len += scnprintf(buffer + len, buf_size - len, " [%s", modname);
#if IS_ENABLED(CONFIG_STACKTRACE_BUILD_ID)
if (add_buildid && buildid) {
/* build ID should match length of sprintf */
#if IS_ENABLED(CONFIG_MODULES)
static_assert(sizeof(typeof_member(struct module, build_id)) == 20);
#endif
- len += sprintf(buffer + len, " %20phN", buildid);
+ len += scnprintf(buffer + len, buf_size - len, " %20phN", buildid);
}
#endif
- len += sprintf(buffer + len, "]");
+ len += scnprintf(buffer + len, buf_size - len, "]");
}
return len;
--
2.17.1
More information about the Linuxppc-dev
mailing list