Hi, i detected two issues in the s390 architecture source code: My static code analysis tool (cppcheck) says: [linux-2.6.29/arch/s390/kernel/early.c:117]: (error) Overlapping data buffer defsys_cmd [linux-2.6.29/arch/s390/kernel/early.c:111]: (error) Overlapping data buffer defsys_cmd look into the code: .... sprintf(defsys_cmd, "%s EW %.5X-%.5X", defsys_cmd, sinitrd_pfn, einitrd_pfn); } #endif sprintf(defsys_cmd, "%s EW MINSIZE=%.7iK PARMREGS=0-13", defsys_cmd, min_size); .... The buffer does overlapp, which can lead to a wrong memory! Best regards Ettl Martin
Created attachment 49052 [details] The first Patch for bug 12965 Fix the dangerous use of sprintf by using safer function snprintf. This patch is generated automatically by the tool R2Fix.
Created attachment 49062 [details] The second patch for bug 12965 Fix the dangerous use of sprintf by using safer function snprintf. This patch is generated automatically by the tool R2Fix.
A commit referencing this bug has been merged for .39-rc1: commit 69ac43b05eef4b8555e84ad51ceb6c58b5a3bc75 Author: Chen Liu <chenliu@asset.uwaterloo.ca> Date: Wed Mar 23 10:14:58 2011 +0100 [S390] early: Fix possible overlapping data buffer
A patch referencing this bug report has been merged in v2.6.38-8876-g036a982: commit 69ac43b05eef4b8555e84ad51ceb6c58b5a3bc75 Author: Chen Liu <chenliu@asset.uwaterloo.ca> Date: Wed Mar 23 10:14:58 2011 +0100 [S390] early: Fix possible overlapping data buffer