diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2021-01-25 10:19:40 -0800 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2021-01-25 10:19:40 -0800 |
| commit | 007ad27d7bafc6df36e1d6ad4a13f6d602376193 (patch) | |
| tree | 4d95ddea5ee549821b274295ed8038af1c341bdb /tools/testing | |
| parent | 6ee1d745b7c9fd573fba142a2efdad76a9f1cb04 (diff) | |
| parent | 61bb17da44a0b6d079e68872e3569bb3eda17656 (diff) | |
| download | linux-007ad27d7bafc6df36e1d6ad4a13f6d602376193.tar.bz2 | |
Merge tag 'printk-for-5.11-urgent-fixup' of git://git.kernel.org/pub/scm/linux/kernel/git/printk/linux
Pull printk fix from Petr Mladek:
"The fix of a potential buffer overflow in 5.11-rc5 introduced another
one. The trailing '\0' might be written up to the message "len" past
the buffer. Fortunately, it is not that easy to hit.
Most readers use 1kB buffers for a single message. Typical messages
fit into the temporary buffer with enough reserve.
Also readers do not rely on the '\0'. It is related to the previous
fix. Some readers required the space for the trailing '\0'. We decided
to write it there to avoid such regressions in the future.
The most realistic victims are dumpers using kmsg_dump_get_buffer().
They are filling the entire buffer with as many messages as possible.
They are typically used when handling panic()"
* tag 'printk-for-5.11-urgent-fixup' of git://git.kernel.org/pub/scm/linux/kernel/git/printk/linux:
printk: fix string termination for record_print_text()
Diffstat (limited to 'tools/testing')
0 files changed, 0 insertions, 0 deletions