From nobody Sat Aug 31 11:10:01 2024
X-Original-To: bugs@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wwsk338f3z5V5Ch
	for <bugs@mlmmj.nyi.freebsd.org>; Sat, 31 Aug 2024 11:10:03 +0000 (UTC)
	(envelope-from bugzilla-noreply@freebsd.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Wwsk303z8z55WX
	for <bugs@FreeBSD.org>; Sat, 31 Aug 2024 11:10:03 +0000 (UTC)
	(envelope-from bugzilla-noreply@freebsd.org)
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1725102603; a=rsa-sha256; cv=none;
	b=XsHTLc2K6H8cUAXLdfgBPTt6mBF82wWmUwcfuKM2pWXhbu6aL8WTOS6ZuqeSkvTJ20hpcG
	J9mwL6k2hZ3aLD6JOZacnQOuvaLjCtEj5bM7p3V/+oISNUjRBjEUrbwDAbkzL1lJ8EurlS
	pGpgkqL/FPONbDjRPLK/n4L6dB2HAruwXZJzMWgN682zdztjJjKTE8iUyuAM5LIeWq1HjA
	GJ0yvukZJ+SVqX6xqOP93z5J69N/mrrBBiFSLcT+/CilEJe/elLMFFFllBjBFP2lsy8WAm
	DvFoV7oyeDVAbE6+q/0WVrVFWXrNaSh1v3vGrqC9xUq5o4hORqFh5pfKQSDzqw==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1725102603;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=TuXfsxmAdrrs6/QwF7Q8QJ1MaNC6hLQfMJXob/xjTM0=;
	b=OcsVfsZkklulzWIBGiVy2kOn02zazwMpsCuMNiyAc/A6vwuk7xhqcuDsVQCT5Zko9qhv7n
	jxzo9POZRpP4r8fjBgmIY0od0dAWCm1ESmi8luTPjbyCZQ1xPAtPrNK2YsXLNh9GXFMZAg
	Lk20kKjzD4cbnxH9hOfsx+otMKYBMpHwr1PY/o1IOf7C+oVBBCa5AzKB1q0DLFlcxWB+nO
	cnT9oTqZANx2jXVHvbXx68AqYYZao1BZmczItapV4I4Af/vnShhMksnckglKLK/NmwUegS
	mgDubHxejjjVsGUOolZp7IeniWq0uMNfeYJvp6IODp6XerrrTQLvM06nTJUy6w==
Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Wwsk26ctVzjZg
	for <bugs@FreeBSD.org>; Sat, 31 Aug 2024 11:10:02 +0000 (UTC)
	(envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org ([127.0.1.5])
	by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 47VBA2a7030195
	for <bugs@FreeBSD.org>; Sat, 31 Aug 2024 11:10:02 GMT
	(envelope-from bugzilla-noreply@freebsd.org)
Received: (from www@localhost)
	by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 47VBA2nV030193
	for bugs@FreeBSD.org; Sat, 31 Aug 2024 11:10:02 GMT
	(envelope-from bugzilla-noreply@freebsd.org)
X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f
From: bugzilla-noreply@freebsd.org
To: bugs@FreeBSD.org
Subject: [Bug 281160] [PATCH] mfiutil: Fix unsafe assumptions of snprintf(3)
 return value in function 'mfi_autolearn_period'
Date: Sat, 31 Aug 2024 11:10:01 +0000
X-Bugzilla-Reason: AssignedTo
X-Bugzilla-Type: new
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Base System
X-Bugzilla-Component: bin
X-Bugzilla-Version: 15.0-CURRENT
X-Bugzilla-Keywords: 
X-Bugzilla-Severity: Affects Only Me
X-Bugzilla-Who: msl0000023508@gmail.com
X-Bugzilla-Status: New
X-Bugzilla-Resolution: 
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: bugs@FreeBSD.org
X-Bugzilla-Flags: 
X-Bugzilla-Changed-Fields: bug_id short_desc product version rep_platform
 op_sys bug_status bug_severity priority component assigned_to reporter
 attachments.created
Message-ID: <bug-281160-227@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
List-Id: Bug reports <freebsd-bugs.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-bugs
List-Help: <mailto:freebsd-bugs+help@freebsd.org>
List-Post: <mailto:freebsd-bugs@freebsd.org>
List-Subscribe: <mailto:freebsd-bugs+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-bugs+unsubscribe@freebsd.org>
Sender: owner-freebsd-bugs@FreeBSD.org
MIME-Version: 1.0

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D281160

            Bug ID: 281160
           Summary: [PATCH] mfiutil: Fix unsafe assumptions of snprintf(3)
                    return value in function 'mfi_autolearn_period'
           Product: Base System
           Version: 15.0-CURRENT
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: bin
          Assignee: bugs@FreeBSD.org
          Reporter: msl0000023508@gmail.com

Created attachment 253207
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D253207&action=
=3Dedit
mfiutil-8ee7bd9.diff

The snprintf(3) returns the number of characters that **would have been
written** if size is enough for the result. However the code in question
dangerously assumed that truncation would never happen, by adjusting the
pointer 'tmp' and size 'sz' using snprintf(3) return value, without first
checking whether a truncation happend. (why use snprintf(3) in first place =
if a
truncation will never happen?)

--=20
You are receiving this mail because:
You are the assignee for the bug.=