security/keys/proc.c:217:45: warning: 'sprintf' may write a terminating nul past the end of the destination
From: kernel test robot
Date: Sat Jan 06 2024 - 10:31:29 EST
tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head: 95c8a35f1c017327eab3b6a2ff5c04255737c856
commit: 2f78788b55baa3410b1ec91a576286abe1ad4d6a ilog2: improve ilog2 for constant arguments
date: 3 years, 1 month ago
config: arm-nhk8815_defconfig (https://download.01.org/0day-ci/archive/20240106/202401062301.BVsuAP57-lkp@xxxxxxxxx/config)
compiler: arm-linux-gnueabi-gcc (GCC) 13.2.0
reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20240106/202401062301.BVsuAP57-lkp@xxxxxxxxx/reproduce)
If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp@xxxxxxxxx>
| Closes: https://lore.kernel.org/oe-kbuild-all/202401062301.BVsuAP57-lkp@xxxxxxxxx/
All warnings (new ones prefixed by >>):
security/keys/proc.c: In function 'proc_keys_show':
>> security/keys/proc.c:217:45: warning: 'sprintf' may write a terminating nul past the end of the destination [-Wformat-overflow=]
217 | sprintf(xbuf, "%lluw", div_u64(timo, 60 * 60 * 24 * 7));
| ^
security/keys/proc.c:217:25: note: 'sprintf' output between 3 and 17 bytes into a destination of size 16
217 | sprintf(xbuf, "%lluw", div_u64(timo, 60 * 60 * 24 * 7));
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
security/keys/proc.c:215:45: warning: 'sprintf' may write a terminating nul past the end of the destination [-Wformat-overflow=]
215 | sprintf(xbuf, "%llud", div_u64(timo, 60 * 60 * 24));
| ^
security/keys/proc.c:215:25: note: 'sprintf' output between 3 and 17 bytes into a destination of size 16
215 | sprintf(xbuf, "%llud", div_u64(timo, 60 * 60 * 24));
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>> security/keys/proc.c:213:44: warning: 'h' directive writing 1 byte into a region of size between 0 and 15 [-Wformat-overflow=]
213 | sprintf(xbuf, "%lluh", div_u64(timo, 60 * 60));
| ^
security/keys/proc.c:213:25: note: 'sprintf' output between 3 and 18 bytes into a destination of size 16
213 | sprintf(xbuf, "%lluh", div_u64(timo, 60 * 60));
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
vim +/sprintf +217 security/keys/proc.c
^1da177e4c3f41 Linus Torvalds 2005-04-16 152
^1da177e4c3f41 Linus Torvalds 2005-04-16 153 static int proc_keys_show(struct seq_file *m, void *v)
^1da177e4c3f41 Linus Torvalds 2005-04-16 154 {
^1da177e4c3f41 Linus Torvalds 2005-04-16 155 struct rb_node *_p = v;
^1da177e4c3f41 Linus Torvalds 2005-04-16 156 struct key *key = rb_entry(_p, struct key, serial_node);
ab5c69f01313c8 Eric Biggers 2017-09-27 157 unsigned long flags;
927942aabbbe50 David Howells 2010-06-11 158 key_ref_t key_ref, skey_ref;
074d58989569b3 Baolin Wang 2017-11-15 159 time64_t now, expiry;
03dab869b7b239 David Howells 2016-10-26 160 char xbuf[16];
363b02dab09b32 David Howells 2017-10-04 161 short state;
074d58989569b3 Baolin Wang 2017-11-15 162 u64 timo;
06ec7be557a125 Michael LeMay 2006-06-26 163 int rc;
06ec7be557a125 Michael LeMay 2006-06-26 164
4bdf0bc3003141 David Howells 2013-09-24 165 struct keyring_search_context ctx = {
ede0fa98a900e6 Eric Biggers 2019-02-22 166 .index_key = key->index_key,
4aa68e07d84556 Eric Biggers 2017-09-18 167 .cred = m->file->f_cred,
462919591a1791 David Howells 2014-09-16 168 .match_data.cmp = lookup_user_key_possessed,
462919591a1791 David Howells 2014-09-16 169 .match_data.raw_data = key,
462919591a1791 David Howells 2014-09-16 170 .match_data.lookup_type = KEYRING_SEARCH_LOOKUP_DIRECT,
dcf49dbc8077e2 David Howells 2019-06-26 171 .flags = (KEYRING_SEARCH_NO_STATE_CHECK |
dcf49dbc8077e2 David Howells 2019-06-26 172 KEYRING_SEARCH_RECURSE),
4bdf0bc3003141 David Howells 2013-09-24 173 };
4bdf0bc3003141 David Howells 2013-09-24 174
028db3e290f15a Linus Torvalds 2019-07-10 175 key_ref = make_key_ref(key, 0);
927942aabbbe50 David Howells 2010-06-11 176
927942aabbbe50 David Howells 2010-06-11 177 /* determine if the key is possessed by this process (a test we can
927942aabbbe50 David Howells 2010-06-11 178 * skip if the key does not indicate the possessor can view it
927942aabbbe50 David Howells 2010-06-11 179 */
028db3e290f15a Linus Torvalds 2019-07-10 180 if (key->perm & KEY_POS_VIEW) {
028db3e290f15a Linus Torvalds 2019-07-10 181 rcu_read_lock();
e59428f721ee09 David Howells 2019-06-19 182 skey_ref = search_cred_keyrings_rcu(&ctx);
028db3e290f15a Linus Torvalds 2019-07-10 183 rcu_read_unlock();
927942aabbbe50 David Howells 2010-06-11 184 if (!IS_ERR(skey_ref)) {
927942aabbbe50 David Howells 2010-06-11 185 key_ref_put(skey_ref);
927942aabbbe50 David Howells 2010-06-11 186 key_ref = make_key_ref(key, 1);
927942aabbbe50 David Howells 2010-06-11 187 }
927942aabbbe50 David Howells 2010-06-11 188 }
927942aabbbe50 David Howells 2010-06-11 189
4aa68e07d84556 Eric Biggers 2017-09-18 190 /* check whether the current task is allowed to view the key */
f5895943d91b41 David Howells 2014-03-14 191 rc = key_task_permission(key_ref, ctx.cred, KEY_NEED_VIEW);
06ec7be557a125 Michael LeMay 2006-06-26 192 if (rc < 0)
028db3e290f15a Linus Torvalds 2019-07-10 193 return 0;
^1da177e4c3f41 Linus Torvalds 2005-04-16 194
074d58989569b3 Baolin Wang 2017-11-15 195 now = ktime_get_real_seconds();
^1da177e4c3f41 Linus Torvalds 2005-04-16 196
028db3e290f15a Linus Torvalds 2019-07-10 197 rcu_read_lock();
028db3e290f15a Linus Torvalds 2019-07-10 198
^1da177e4c3f41 Linus Torvalds 2005-04-16 199 /* come up with a suitable timeout value */
ab5c69f01313c8 Eric Biggers 2017-09-27 200 expiry = READ_ONCE(key->expiry);
ab5c69f01313c8 Eric Biggers 2017-09-27 201 if (expiry == 0) {
^1da177e4c3f41 Linus Torvalds 2005-04-16 202 memcpy(xbuf, "perm", 5);
074d58989569b3 Baolin Wang 2017-11-15 203 } else if (now >= expiry) {
^1da177e4c3f41 Linus Torvalds 2005-04-16 204 memcpy(xbuf, "expd", 5);
7b1b9164598286 David Howells 2009-09-02 205 } else {
074d58989569b3 Baolin Wang 2017-11-15 206 timo = expiry - now;
^1da177e4c3f41 Linus Torvalds 2005-04-16 207
^1da177e4c3f41 Linus Torvalds 2005-04-16 208 if (timo < 60)
074d58989569b3 Baolin Wang 2017-11-15 209 sprintf(xbuf, "%llus", timo);
^1da177e4c3f41 Linus Torvalds 2005-04-16 210 else if (timo < 60*60)
074d58989569b3 Baolin Wang 2017-11-15 211 sprintf(xbuf, "%llum", div_u64(timo, 60));
^1da177e4c3f41 Linus Torvalds 2005-04-16 212 else if (timo < 60*60*24)
074d58989569b3 Baolin Wang 2017-11-15 @213 sprintf(xbuf, "%lluh", div_u64(timo, 60 * 60));
^1da177e4c3f41 Linus Torvalds 2005-04-16 214 else if (timo < 60*60*24*7)
074d58989569b3 Baolin Wang 2017-11-15 215 sprintf(xbuf, "%llud", div_u64(timo, 60 * 60 * 24));
^1da177e4c3f41 Linus Torvalds 2005-04-16 216 else
074d58989569b3 Baolin Wang 2017-11-15 @217 sprintf(xbuf, "%lluw", div_u64(timo, 60 * 60 * 24 * 7));
^1da177e4c3f41 Linus Torvalds 2005-04-16 218 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 219
363b02dab09b32 David Howells 2017-10-04 220 state = key_read_state(key);
363b02dab09b32 David Howells 2017-10-04 221
:::::: The code at line 217 was first introduced by commit
:::::: 074d58989569b39f04294c90ef36dd82b8c2cc1a security: keys: Replace time_t/timespec with time64_t
:::::: TO: Baolin Wang <baolin.wang@xxxxxxxxxx>
:::::: CC: David Howells <dhowells@xxxxxxxxxx>
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki