From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id E9C29C433EF for ; Mon, 13 Jun 2022 18:40:22 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 7EC0D6B0251; Mon, 13 Jun 2022 14:40:22 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 79BA76B0253; Mon, 13 Jun 2022 14:40:22 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 663BD6B0257; Mon, 13 Jun 2022 14:40:22 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0015.hostedemail.com [216.40.44.15]) by kanga.kvack.org (Postfix) with ESMTP id 563E76B0251 for ; Mon, 13 Jun 2022 14:40:22 -0400 (EDT) Received: from smtpin11.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay07.hostedemail.com (Postfix) with ESMTP id 2E37320DF6 for ; Mon, 13 Jun 2022 18:40:22 +0000 (UTC) X-FDA: 79574077884.11.CEAE6CF Received: from mail-lj1-f171.google.com (mail-lj1-f171.google.com [209.85.208.171]) by imf30.hostedemail.com (Postfix) with ESMTP id D06C380095 for ; Mon, 13 Jun 2022 18:40:21 +0000 (UTC) Received: by mail-lj1-f171.google.com with SMTP id b7so7154886ljr.6 for ; Mon, 13 Jun 2022 11:40:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=SW1J4TxrbvE0J+NvABWMWUwXUDHi8O6WM5U0kmdXuvs=; b=YcOMN9J8NO13M1lsQJ09hM7cCxE8MS8M7Gv1MrIUfDqyrowxYIz0M4kq/4DzZS1VvJ X+WwlBoGf6CzRGJ8G1EjU7INISE4kKU0Z/BuQnIyh3+0qLr9mDdeVrnpP8AHGXywflLI gn4vt4eUHsaKF6mpPhECp6pZ2U/kiDWVsOWPKlO9R4E2oApQGpBRq/kLZZK9nbrMH8Vs rXrYvlBgBc2y9ISFPMRSym0HBSe8rRlM0D6NK0Ddpva36u6S2KIqGMmwmrN+Mz2tgqDy Zm5vDhOTpucmZ8RQFhCIrZBcGzE3vnnOhB0faQ7Lbps3yLPlEQLVSwLrlcC8TPCjgrM+ 10Rw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=SW1J4TxrbvE0J+NvABWMWUwXUDHi8O6WM5U0kmdXuvs=; b=e2NJVcu255XUWZGIvJ7wouVEuRtH46qzeyogmyxFfmeKQjARWED0ef+61yXaVFjcO6 ZVJq9xiVcfoanxPU8q+kIj4vHtz48ifK6sV6OGLQHjo7MYXbZxaWNlpHDOkNjoBSFfjo eNu/K70uETnxYznSsPBtN/5NLCs3HSbI9VXRYpgO6HahgLvHIRMr5eVeoe2bJ/41H2MM WpOwrWp8YaPuf727OHLAbFbmjiPCq8uouCsx0kleXIwqc5SeKnosFvjiFp6/gOkY5Kz2 RpoxIoYEBOWZho1jSjAd4AJl0t8NWkJjM4cbXnbBDR0UYubxQLoR9Ow54JtR9ewnruuX fARg== X-Gm-Message-State: AJIora9+L/PsRxrpleOzzZZZK3R2c7N7t051IUEWCznMX+Ws8SZyKS+S 9tyUOBZmXDQTDrSPx+I0NQwNJi0DHADlkKly33KZ X-Google-Smtp-Source: AGRyM1sc5PXhrpO/NALvqllDtgfvAmsGr0nMSO+nh757PXQ+6BPBVtmdCaZdkhadYmRsZLgDd/bC0jYF0EiuvoWxC2E= X-Received: by 2002:a05:651c:1581:b0:255:48d1:fdae with SMTP id h1-20020a05651c158100b0025548d1fdaemr459115ljq.286.1655145619959; Mon, 13 Jun 2022 11:40:19 -0700 (PDT) MIME-Version: 1.0 References: <20220609221702.347522-1-morbo@google.com> <20220609221702.347522-8-morbo@google.com> In-Reply-To: From: Bill Wendling Date: Mon, 13 Jun 2022 11:40:08 -0700 Message-ID: Subject: Re: [PATCH 07/12] driver/char: use correct format characters To: Greg Kroah-Hartman Cc: Bill Wendling , Tony Luck , Borislav Petkov , Thomas Gleixner , Ingo Molnar , Dave Hansen , "maintainer:X86 ARCHITECTURE (32-BIT AND 64-BIT)" , "H. Peter Anvin" , Phillip Potter , Arnd Bergmann , "Rafael J. Wysocki" , Jan Kara , Andrew Morton , Pablo Neira Ayuso , Jozsef Kadlecsik , Florian Westphal , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Jaroslav Kysela , Takashi Iwai , Nathan Chancellor , Nick Desaulniers , Tom Rix , Daniel Kiper , Ross Philipson , linux-edac@vger.kernel.org, LKML , ACPI Devel Maling List , linux-mm@kvack.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, Networking , alsa-devel@alsa-project.org, clang-built-linux Content-Type: text/plain; charset="UTF-8" ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1655145621; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=SW1J4TxrbvE0J+NvABWMWUwXUDHi8O6WM5U0kmdXuvs=; b=NZkHI+eLbrJFM1uWH8O1yxdZGjWD9Ax6a61wB1oyP08Ip0/v88nSUhxXO/GcK903DqrgJx aesV9vgzlUgOwtYSm8UtT0DHiVpQQ4Lx+OgnL5TwLddFiCu6ZLI70Wo2uvJr7ONQFgyKYx pp4FoegI7lZXZXtG+KHGEAzYwwdrcKU= ARC-Authentication-Results: i=1; imf30.hostedemail.com; dkim=pass header.d=google.com header.s=20210112 header.b=YcOMN9J8; dmarc=pass (policy=reject) header.from=google.com; spf=pass (imf30.hostedemail.com: domain of morbo@google.com designates 209.85.208.171 as permitted sender) smtp.mailfrom=morbo@google.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1655145621; a=rsa-sha256; cv=none; b=ry9j5ARf5b51Z/En5VhuFcAJKAEF5kOMqjEK03C2CDqe8p3IpwqYr/ih0FOsrb9tbYeDWf X1nHc8EJtoA/XNSx25dQX+DsiLMh4YvEWkxx7nnvXEeV0dHdurQQHhm3w0DoWzqA6Eaep9 wgv6KTVfB4Wpp5PnQntHzV3K4Iv2ZLw= X-Rspamd-Queue-Id: D06C380095 X-Rspam-User: X-Stat-Signature: s43eny8pxmnq3czu5717k9jp97143zwb Authentication-Results: imf30.hostedemail.com; dkim=pass header.d=google.com header.s=20210112 header.b=YcOMN9J8; dmarc=pass (policy=reject) header.from=google.com; spf=pass (imf30.hostedemail.com: domain of morbo@google.com designates 209.85.208.171 as permitted sender) smtp.mailfrom=morbo@google.com X-Rspamd-Server: rspam04 X-HE-Tag: 1655145621-336550 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Thu, Jun 9, 2022 at 10:18 PM Greg Kroah-Hartman wrote: > > On Thu, Jun 09, 2022 at 10:16:26PM +0000, Bill Wendling wrote: > > From: Bill Wendling > > Why isn't that matching your From: line in the email? > There must be something wrong with my .gitconfig file. I"ll check into it. > > > > When compiling with -Wformat, clang emits the following warnings: > > Is that ever a default build option for the kernel? > We want to enable -Wformat for clang. I believe that these specific warnings have been disabled, but I'm confused as to why, because they're valid warnings. When I compiled with the warning enabled, there were only a few (12) places that needed changes, so thought that patches would be a nice cleanup, even though the warning itself is disabled. > > drivers/char/mem.c:775:16: error: format string is not a string literal (potentially insecure) [-Werror,-Wformat-security] > > NULL, devlist[minor].name); > > ^~~~~~~~~~~~~~~~~~~ > > > > Use a string literal for the format string. > > > > Link: https://github.com/ClangBuiltLinux/linux/issues/378 > > Signed-off-by: Bill Wendling > > --- > > drivers/char/mem.c | 2 +- > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > diff --git a/drivers/char/mem.c b/drivers/char/mem.c > > index 84ca98ed1dad..32d821ba9e4d 100644 > > --- a/drivers/char/mem.c > > +++ b/drivers/char/mem.c > > @@ -772,7 +772,7 @@ static int __init chr_dev_init(void) > > continue; > > > > device_create(mem_class, NULL, MKDEV(MEM_MAJOR, minor), > > - NULL, devlist[minor].name); > > + NULL, "%s", devlist[minor].name); > > Please explain how this static string can ever be user controlled. > All someone would need to do is accidentally insert an errant '%' in one of the strings for this function call to perform unexpected actions---at the very least reading memory that's not allocated and may contain garbage, thereby decreasing performance and possibly overrunning some buffer. Perhaps in this specific scenario it's unlikely, but "device_create()" is used in a lot more places than here. This patch is a general code cleanup. -bw