From: Tejun Heo Date: Thu, 14 Feb 2008 01:32:07 +0000 (+0900) Subject: printk: fix possible printk overrun X-Git-Tag: v3.12-rc1~22657 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=cf3680b90c7842cf91ed857ac4528f4e057da366;p=kernel%2Fkernel-generic.git printk: fix possible printk overrun printk recursion detection prepends message to printk_buf and offsets printk_buf when actual message is printed but it forgets to trim buffer length accordingly. This can result in overrun in extreme cases. Fix it. [ mingo@elte.hu: bug was introduced by me via: commit 32a76006683f7b28ae3cc491da37716e002f198e Author: Ingo Molnar Date: Fri Jan 25 21:07:58 2008 +0100 printk: make printk more robust by not allowing recursion ] Signed-off-by: Tejun Heo Signed-off-by: Ingo Molnar Signed-off-by: Linus Torvalds --- diff --git a/kernel/printk.c b/kernel/printk.c index bee3610..9adc2a4 100644 --- a/kernel/printk.c +++ b/kernel/printk.c @@ -666,7 +666,7 @@ asmlinkage int vprintk(const char *fmt, va_list args) } /* Emit the output into the temporary buffer */ printed_len += vscnprintf(printk_buf + printed_len, - sizeof(printk_buf), fmt, args); + sizeof(printk_buf) - printed_len, fmt, args); /* * Copy the output into log_buf. If the caller didn't provide