| Message ID | 20230222155244.133890-1-jlayton@kernel.org (mailing list archive) |
|---|---|
| State | Superseded |
| Headers | show |
| Series | linearize.c: fix potential buffer overrun | expand |
On Wed, Feb 22, 2023 at 10:52:44AM -0500, Jeff Layton wrote: > The resulting string won't be nearly 64 bytes, but "buf" is only 16 > bytes long here, and this causes FORTIFY_SOURCE to barf when given the > right options. > > Signed-off-by: Jeff Layton <jlayton@kernel.org> Pushed to mainline now. Sorry for this very long delay. -- Luc
diff --git a/linearize.c b/linearize.c index d9aed61b361f..1db2d505a7d4 100644 --- a/linearize.c +++ b/linearize.c @@ -91,7 +91,7 @@ const char *show_label(struct basic_block *bb) if (!bb) return ".L???"; - snprintf(buf, 64, ".L%u", bb->nr); + snprintf(buf, 16, ".L%u", bb->nr); return buf; }
The resulting string won't be nearly 64 bytes, but "buf" is only 16 bytes long here, and this causes FORTIFY_SOURCE to barf when given the right options. Signed-off-by: Jeff Layton <jlayton@kernel.org> --- linearize.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)