Bug 229952 - src/sys/dev/ocs_fc/ocs_ioctl.c:1123]: (error) Buffer is accessed out of bounds: ocs.sli_intf
Summary: src/sys/dev/ocs_fc/ocs_ioctl.c:1123]: (error) Buffer is accessed out of bound...
Status: Closed FIXED
Alias: None
Product: Base System
Classification: Unclassified
Component: kern (show other bugs)
Version: CURRENT
Hardware: Any Any
: --- Affects Only Me
Assignee: Mark Johnston
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2018-07-22 08:20 UTC by David Binderman
Modified: 2018-07-22 18:34 UTC (History)
1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description David Binderman 2018-07-22 08:20:30 UTC 
Source code is

        snprintf(ocs->sli_intf, sizeof(sli_intf), "%08x",
                 ocs_config_read32(ocs, SLI4_INTF_REG));

Maybe better code

        snprintf(ocs->sli_intf, 9, "%08x",
                 ocs_config_read32(ocs, SLI4_INTF_REG));
Comment 1 commit-hook freebsd_committer freebsd_triage 2018-07-22 18:31:57 UTC 
A commit references this bug:

Author: markj
Date: Sun Jul 22 18:31:16 UTC 2018
New revision: 336615
URL: https://svnweb.freebsd.org/changeset/base/336615

Log:
  Use the right buffer size when calling snprintf().

  PR:	229952

Changes:
  head/sys/dev/ocs_fc/ocs_ioctl.c