mail archive of the barebox mailing list
 help / color / mirror / Atom feed
* [PATCH] common: misc: support strerror(err) for all err <= MAX_ERRNO
@ 2020-09-21  7:11 Ahmad Fatoum
  2020-09-28  8:28 ` Sascha Hauer
  0 siblings, 1 reply; 2+ messages in thread
From: Ahmad Fatoum @ 2020-09-21  7:11 UTC (permalink / raw)
  To: barebox

We have a _LAST_ERRNO of 3 decimal digits. strerror(_LAST_ERRNO) is ok,
but it's still possible that some code passes a non-error code int,
which will overflow the static buffer. Play it safe and bump up the
buffer size to at least 11 characters. This is enough to represent
all integers, with only 7 characters more static storage.

This way strerror(some_int_passed_by_mistake) will not invoke UB.

Signed-off-by: Ahmad Fatoum <ahmad@a3f.at>
---
Detected by ASAN on sandbox a while ago. The place which passed the
non-errno int needs probably fixing as well, but I need to find it again
first..
---
 common/misc.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/common/misc.c b/common/misc.c
index 1c7f93760804..1a1cc071b4d1 100644
--- a/common/misc.c
+++ b/common/misc.c
@@ -22,6 +22,7 @@
 #include <led.h>
 #include <of.h>
 #include <restart.h>
+#include <linux/stringify.h>
 
 int errno;
 EXPORT_SYMBOL(errno);
@@ -29,7 +30,7 @@ EXPORT_SYMBOL(errno);
 
 const char *strerror(int errnum)
 {
-	static char errno_string[10];
+	static char errno_string[sizeof("error -2147483648")];
 
 #ifdef CONFIG_ERRNO_MESSAGES
 	char *str;
-- 
2.28.0


_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

^ permalink raw reply	[flat|nested] 2+ messages in thread

* Re: [PATCH] common: misc: support strerror(err) for all err <= MAX_ERRNO
  2020-09-21  7:11 [PATCH] common: misc: support strerror(err) for all err <= MAX_ERRNO Ahmad Fatoum
@ 2020-09-28  8:28 ` Sascha Hauer
  0 siblings, 0 replies; 2+ messages in thread
From: Sascha Hauer @ 2020-09-28  8:28 UTC (permalink / raw)
  To: Ahmad Fatoum; +Cc: barebox

On Mon, Sep 21, 2020 at 09:11:35AM +0200, Ahmad Fatoum wrote:
> We have a _LAST_ERRNO of 3 decimal digits. strerror(_LAST_ERRNO) is ok,
> but it's still possible that some code passes a non-error code int,
> which will overflow the static buffer. Play it safe and bump up the
> buffer size to at least 11 characters. This is enough to represent
> all integers, with only 7 characters more static storage.
> 
> This way strerror(some_int_passed_by_mistake) will not invoke UB.
> 
> Signed-off-by: Ahmad Fatoum <ahmad@a3f.at>
> ---
> Detected by ASAN on sandbox a while ago. The place which passed the
> non-errno int needs probably fixing as well, but I need to find it again
> first..
> ---
>  common/misc.c | 3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)

Applied, thanks

Sascha


-- 
Pengutronix e.K.                           |                             |
Steuerwalder Str. 21                       | http://www.pengutronix.de/  |
31137 Hildesheim, Germany                  | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2020-09-28  8:28 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-09-21  7:11 [PATCH] common: misc: support strerror(err) for all err <= MAX_ERRNO Ahmad Fatoum
2020-09-28  8:28 ` Sascha Hauer

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox