Re: [PATCH] printk: fix buffer overflow potential for print_text()

From: Petr Mladek
Date: Fri Jan 15 2021 - 07:05:40 EST

Next message: Arnd Bergmann: "Re: [v2] Old platforms: bring out your dead"
Previous message: Lukas Bulwahn: "[PATCH] fs: anon_inodes: rephrase to appropriate kernel-doc"
In reply to: John Ogness: "[PATCH] printk: fix buffer overflow potential for print_text()"
Next in thread: Petr Mladek: "Re: [PATCH] printk: fix buffer overflow potential for print_text()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu 2021-01-14 18:10:12, John Ogness wrote:
> Before commit b6cf8b3f3312 ("printk: add lockless ringbuffer"),
> msg_print_text() would only write up to size-1 bytes into the
> provided buffer. Some callers expect this behavior and append
> a terminator to returned string. In particular:
>
> arch/powerpc/xmon/xmon.c:dump_log_buf()
> arch/um/kernel/kmsg_dump.c:kmsg_dumper_stdout()
>
> msg_print_text() has been replaced by record_print_text(), which
> currently fills the full size of the buffer. This causes a
> buffer overflow for the above callers.
>
> Change record_print_text() so that it will only use size-1 bytes
> for text data. Also, for paranoia sakes, add a terminator after
> the text data.
>
> And finally, document this behavior so that it is clear that only
> size-1 bytes are used and a terminator is added.
>
> Fixes: b6cf8b3f3312 ("printk: add lockless ringbuffer")
> Signed-off-by: John Ogness <john.ogness@xxxxxxxxxxxxx>

Reviewed-by: Petr Mladek <pmladek@xxxxxxxx>

Best Regards,
Petr

Next message: Arnd Bergmann: "Re: [v2] Old platforms: bring out your dead"
Previous message: Lukas Bulwahn: "[PATCH] fs: anon_inodes: rephrase to appropriate kernel-doc"
In reply to: John Ogness: "[PATCH] printk: fix buffer overflow potential for print_text()"
Next in thread: Petr Mladek: "Re: [PATCH] printk: fix buffer overflow potential for print_text()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]