diff options
| author | Arnd Bergmann <arnd@arndb.de> | 2017-09-13 16:28:23 -0700 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2017-09-13 18:53:15 -0700 |
| commit | ebfddb3d447f5267c76680ea4d242e6f9bcafa87 (patch) | |
| tree | e3b10c4586e31933b9e157328b7952ce1bd95175 /fs/exec.c | |
| parent | 8185f5708d2488393dc2acec21d19ac53d61b4a0 (diff) | |
| download | linux-rt-ebfddb3d447f5267c76680ea4d242e6f9bcafa87.tar.gz | |
fscache: fix fscache_objlist_show format processing
gcc points out a minor bug in the handling of unknown cookie types,
which could result in a string overflow when the integer is copied into
a 3-byte string:
fs/fscache/object-list.c: In function 'fscache_objlist_show':
fs/fscache/object-list.c:265:19: error: 'sprintf' may write a terminating nul past the end of the destination [-Werror=format-overflow=]
sprintf(_type, "%02u", cookie->def->type);
^~~~~~
fs/fscache/object-list.c:265:4: note: 'sprintf' output between 3 and 4 bytes into a destination of size 3
This is currently harmless as no code sets a type other than 0 or 1, but
it makes sense to use snprintf() here to avoid overflowing the array if
that changes.
Link: http://lkml.kernel.org/r/20170714120720.906842-22-arnd@arndb.de
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'fs/exec.c')
0 files changed, 0 insertions, 0 deletions