diff options
| author | John Ogness <[email protected]> | 2021-01-14 18:10:12 +0106 |
|---|---|---|
| committer | Petr Mladek <[email protected]> | 2021-01-19 11:42:14 +0100 |
| commit | f0e386ee0c0b71ea6f7238506a4d0965a2dbef11 (patch) | |
| tree | fcb64a3869333c1e7e415bced21a6b7e00d1012e /tools/perf/scripts/python/bin/export-to-postgresql-report | |
| parent | 89ccf18f032f26946e2ea6258120472eec6aa745 (diff) | |
printk: fix buffer overflow potential for print_text()
Before the commit 896fbe20b4e2333fb55 ("printk: use the lockless
ringbuffer"), msg_print_text() would only write up to size-1 bytes
into the provided buffer. Some callers expect this behavior and
append a terminator to returned string. In particular:
arch/powerpc/xmon/xmon.c:dump_log_buf()
arch/um/kernel/kmsg_dump.c:kmsg_dumper_stdout()
msg_print_text() has been replaced by record_print_text(), which
currently fills the full size of the buffer. This causes a
buffer overflow for the above callers.
Change record_print_text() so that it will only use size-1 bytes
for text data. Also, for paranoia sakes, add a terminator after
the text data.
And finally, document this behavior so that it is clear that only
size-1 bytes are used and a terminator is added.
Fixes: 896fbe20b4e2333fb55 ("printk: use the lockless ringbuffer")
Cc: [email protected] # 5.10+
Signed-off-by: John Ogness <[email protected]>
Reviewed-by: Petr Mladek <[email protected]>
Acked-by: Sergey Senozhatsky <[email protected]>
Signed-off-by: Petr Mladek <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
Diffstat (limited to 'tools/perf/scripts/python/bin/export-to-postgresql-report')
0 files changed, 0 insertions, 0 deletions