[PATCH] tomoyo: Use scnprintf() for avoiding potential buffer overflow

Tetsuo Handa penguin-kernel at i-love.sakura.ne.jp
Wed Mar 11 10:20:44 UTC 2020

On 2020/03/11 18:36, Takashi Iwai wrote:
> Since snprintf() returns the would-be-output size instead of the
> actual output size, the succeeding calls may go beyond the given
> buffer limit.  Fix it by replacing with scnprintf().
> Signed-off-by: Takashi Iwai <tiwai at suse.de>
> ---
>  security/tomoyo/audit.c | 18 +++++++++---------
>  1 file changed, 9 insertions(+), 9 deletions(-)

Thanks for a patch. But current code will simply hit WARN_ON_ONCE() in vsnprintf()
if the would-be-output size went beyond the given buffer limit, and we have never
hit that warning from this function. That is, the buffer limit is large enough,
and the last byte is guaranteed to be '\0'.

More information about the Linux-security-module-archive mailing list