[lvc-project] [PATCH] arch-x86-boot-printf: fix unsafe negative value in vsprintf()
Alexander Sapozhnikov
alsp705 at gmail.com
Fri Feb 17 16:40:03 MSK 2023
Variable 'precision', which may receive negative value at printf.c:171,
is used at printf.c:207 by calling function 'strnlen'.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Signed-off-by: Alexander Sapozhnikov <alsp705 at gmail.com>
---
arch/x86/boot/printf.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/arch/x86/boot/printf.c b/arch/x86/boot/printf.c
index 1237beeb9540..86ac64be949f 100644
--- a/arch/x86/boot/printf.c
+++ b/arch/x86/boot/printf.c
@@ -178,9 +178,9 @@ int vsprintf(char *buf, const char *fmt, va_list args)
/* it's the next argument */
precision = va_arg(args, int);
}
- if (precision < 0)
- precision = 0;
}
+ if (precision < 0)
+ precision = 0;
/* get the conversion qualifier */
qualifier = -1;
--
2.34.1
More information about the lvc-project
mailing list