From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 32F6CC021A4 for ; Mon, 24 Feb 2025 17:02:33 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id C26BB28000A; Mon, 24 Feb 2025 12:02:32 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id BD6CD280002; Mon, 24 Feb 2025 12:02:32 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id A771528000A; Mon, 24 Feb 2025 12:02:32 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0010.hostedemail.com [216.40.44.10]) by kanga.kvack.org (Postfix) with ESMTP id 7FD8C280002 for ; Mon, 24 Feb 2025 12:02:32 -0500 (EST) Received: from smtpin11.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay09.hostedemail.com (Postfix) with ESMTP id 271E681936 for ; Mon, 24 Feb 2025 17:02:32 +0000 (UTC) X-FDA: 83155456944.11.5840885 Received: from mail-qt1-f169.google.com (mail-qt1-f169.google.com [209.85.160.169]) by imf24.hostedemail.com (Postfix) with ESMTP id 19A4818002B for ; Mon, 24 Feb 2025 17:02:29 +0000 (UTC) Authentication-Results: imf24.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=1Bpy2RWW; spf=pass (imf24.hostedemail.com: domain of fvdl@google.com designates 209.85.160.169 as permitted sender) smtp.mailfrom=fvdl@google.com; dmarc=pass (policy=reject) header.from=google.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1740416550; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=VR9fYD4ulxXrS8gZJjWrfuiZTIdun+GiiSoBV4GR/Fw=; b=vS+YSpzye/5QHaCLi288LK/Y5nfxI5bHry+3URi2QqYbAfQ415Gcdx0Fma8fk3TdpviN6X m417JL9axSVKxwMUMeZy3O6q0CLrb4EEvzE0WyUB8N0FasFfXfrsH36dsENioz0uaemCJp 2VnE+tcU4TmXx77nTO3zqN4RRNDhMsk= ARC-Authentication-Results: i=1; imf24.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=1Bpy2RWW; spf=pass (imf24.hostedemail.com: domain of fvdl@google.com designates 209.85.160.169 as permitted sender) smtp.mailfrom=fvdl@google.com; dmarc=pass (policy=reject) header.from=google.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1740416550; a=rsa-sha256; cv=none; b=PAxRiGzG8LvNzNp1AR1zY3s0eusEGE6IDfwWg/08tJPQHk5Erz5ZMzg6R8ZQddlcc6R0nN 8qL+TwFLFfdop984+KJs6kaCVlj44J2zgeOBf5tF4JakZG2D/bx6GU5KWnFbZwqCeQYoUF F2+mpwTsDdJDKkIMP4A2wf4S3xZFee0= Received: by mail-qt1-f169.google.com with SMTP id d75a77b69052e-472098e6e75so623581cf.1 for ; Mon, 24 Feb 2025 09:02:29 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1740416549; x=1741021349; darn=kvack.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=VR9fYD4ulxXrS8gZJjWrfuiZTIdun+GiiSoBV4GR/Fw=; b=1Bpy2RWWRqQ8ZxlI9wyB09pXQ1QvIlejQLpp6guoAS2RhvZhh/PlLYIXAUFcualAxw QJFADu4hU2FVqnvqFU/AvSR7j06Cl/C7+PmKqy3utATylXj9Iu/llll8CW81QWfcCN53 bBNkj5tdzSWiKu7vfPFQedbf/O+vlYBevCqelDQdwrZeyYX5emtybBkKUTOlFu9Yvg3R cjrqzTpfRenT/c70SNRvh1nEhP3Of91MkptbHMQaBr24f3E/RRv3NseNefje081K0Qec P7ToLvvM/nzRme2kr9JqndI3ymjC7/jqOOHZMbIf+nG4fq3lWEXDiE9+TeG80bUdgcwp 4ToA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740416549; x=1741021349; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=VR9fYD4ulxXrS8gZJjWrfuiZTIdun+GiiSoBV4GR/Fw=; b=EfLJ/JRRyWyoabs+cjwGbCmy9gYPQf0Hsnos6suaHUFuBtjKb2Tb3wbar2YBOr4lsz GLRKYpQnitxzCidS/ykJ2wcMlENlOPUsZxnecG1HPRWtkVw8MuiMZ6wmb2D4qqggrErL +gyqnNnShDzDmVmBVWCYXlEnImS0eoD6WgrqiHvgNHKnu+7A2eLpaVOUyOx1h7iMEWLj auAxHBK8ZPAjnoMpBj1IeZLvwEdcIAHaAcPhRyrZtfzH0bOvXKhAh9nAx4dZWHq2yZzh KCsV79Afe5niVysi/8N4nmjZ57IeMHl3+xfqk67qu51DWFNiBodudIw9gP7T0AMz99e/ VdMA== X-Forwarded-Encrypted: i=1; AJvYcCUJvKNwhlx5ASyI9K1uCPOSc3biS6wfcfRgaMEJOUgLbmhFWKhgUxPrHxz5zAZxbuzIhjkhKazVjg==@kvack.org X-Gm-Message-State: AOJu0YxZD4U3ysWmNjfVbje5bB8tJNVPZlXh8ZtZQhFocFmfjY7j6PGe MDQvHk7wp+0/4zV7qFN3ttzd/wpa7H8TtcmotpRXVde5DCsuumf0W7J7rnse7XmObhw+62PpcQ9 ZruBDq/tFB5hErKXjOqzl5EjSci1SIEqQULzP X-Gm-Gg: ASbGncv9KITU0FBzmsgOKuNZi4qUFjhoJldLRdJ6q16d8dbS41ipqOhY3q8oGsMz08f /ks8ZKi/CQxM5JK2FjbqlKvoDSKGvZJtZdb6t9LlpV2X2sJb6bESHi1WfgWeKBca1u8TzuVuLvT p0EBND X-Google-Smtp-Source: AGHT+IFVV/QSW2PsYP3VXHqjBpcE4L3RaCpSXY45J/dLEVmzaKzSZI2xSnS/YRNsQjCr3RqPRormupPSqzbPXf0Zgso= X-Received: by 2002:ac8:5781:0:b0:471:9ece:b13b with SMTP id d75a77b69052e-47376e5ae3amr68601cf.1.1740416548614; Mon, 24 Feb 2025 09:02:28 -0800 (PST) MIME-Version: 1.0 References: <20250224141120.1240534-1-arnd@kernel.org> <20250224141120.1240534-2-arnd@kernel.org> In-Reply-To: <20250224141120.1240534-2-arnd@kernel.org> From: Frank van der Linden Date: Mon, 24 Feb 2025 09:02:17 -0800 X-Gm-Features: AQ5f1JqyvF0cZUse3UCnnuocLyu1h_TE-Jmz-aTlK_6A7bNBbcPQf-el1-E8RJg Message-ID: Subject: Re: [PATCH 2/2] mm, cma: use literal printf format string To: Arnd Bergmann Cc: Andrew Morton , Nathan Chancellor , Arnd Bergmann , Nick Desaulniers , Bill Wendling , Justin Stitt , David Hildenbrand , Zi Yan , linux-mm@kvack.org, linux-kernel@vger.kernel.org, llvm@lists.linux.dev Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Rspam-User: X-Stat-Signature: x6x58pwdbpzb133d9zg7yga7x6ftn1da X-Rspamd-Server: rspam05 X-Rspamd-Queue-Id: 19A4818002B X-HE-Tag: 1740416549-506929 X-HE-Meta: U2FsdGVkX1/dbiXBKsk/B0FNQ7ckJhpuVoh/4lSQZwn3cps972F76jIO31WcaREazTi5DvNJYS2wn79JXnH5ZHve4nRU3Sxh3bM/m9QltKKG0idZIlBEY955/JloRB3yg3II081DZ01pZcPxriW9+tDZU3e64VM2EdFUEStWKVu4fdWj4Dql0M83cNsU8BTe3jFFkhhkcrNoaUozdmGoJhx97oXDx0fzD0zGqx7XjujueUE8odA5Hk2OZPTrNCOpEE37jwCPOtUb+rNxXHI5PSU0m+Udzxp5kaSlVeBZjL+G4KF5Es0z2UulGE17AaDyegkc246iS2yxvYOYMP+ZCXRQ/c68kwbHJJbAQ1zTERy+BhWwPF7C5Ipey1OWh0c+gFUebZb6+t0WZLlNY14E1LcCmKosv9iNsh7wmUAyyRKvGnHA2yHdZ3TNjbz3BRVyYV6LOdEN1Aie7dFJjyD2a15rlS5RILgkT2LK+mu+8gwxZ2NLkXfwzRRSuIFdEnfIN28aO408LCLvE7s3ccQHpNsS8PFjoPdIIYaikfg9Y7ODTIKkJhvKa482yLTIKHqs7m9ws7prAAxv5HOKRvR//pNJkPh+OPXIvrnwhVEmI39jm9/z49n1VIS0f16HjXeQ7BIAxwgmUsToppY+tvSetOPcSG/kw1uyCcw2+mH+ru7LclqWw5iGPqmSFiFgY062muIqyO36aOgjRmSN+a24rhWZzZHAJu4XcemIp1uuQw8YoTZteAPupBOeisHIvzUryM3gmHDrZxy3YhWp7a6ChXNH3pTCpfxkveFdFle4BUCAYf7DzmTQm9lfHbdVfmqI4mf7FWsg/0e7XvZ9RoVhrmd9GGU3/8O4TQiYKwstirRY/H00UugQlShj1TQ7YTpFqKlKrZ10ghaO9phMoPldh3iqU/jXUcGCEwa8l519U0BD4Yacwm6WwqjurTIEPDD8MsXcheDClE4EU/uCgSC bi5wLe8F 7fglJDbS9ij5X0hMEBb1XQiOv+r9rWfxcXWG1xiXOggZEUUffZbESuBlxpwT8RrSrGO/fbAljoKQVYmAY/D69SnkiH/Bt5oGlEgC4iOHhxDD5CUGi6MAgt2DaGfekrKZ24ubS/FdqPjUHhtIlGi515NvnfKL9BHpBsQ/3DW9Y382zBEbVsHlObFa6FQYREyb1ibO217y+0pYgCquC9xX7ba3FcVptB0lkq5eXXcT8Wzm+/akUBK3DXsMXlG07wFOJcTOxMJB53KGL6oVD0gGI/K3dDgxiDTlpPnrMNTrMwwdcZrkFjF6hSwRKJPjcw6i21BSG X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On Mon, Feb 24, 2025 at 6:11=E2=80=AFAM Arnd Bergmann wro= te: > > From: Arnd Bergmann > > Using a variable string as a printf format can be a security issue > that clang warns about when extra warnings are enabled: > > mm/cma.c:239:37: error: format string is not a string literal (potentiall= y insecure) [-Werror,-Wformat-security] > 239 | snprintf(cma->name, CMA_MAX_NAME, name); > | ^~~~ > > This one does not appear to be a security issue since the string is > not user controlled, but it's better to avoid the warning. > Use "%s" as the format instead and just pass the name as the argument. > > Signed-off-by: Arnd Bergmann > --- > mm/cma.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/mm/cma.c b/mm/cma.c > index ef0206c0f16d..09322b8284bd 100644 > --- a/mm/cma.c > +++ b/mm/cma.c > @@ -236,7 +236,7 @@ static int __init cma_new_area(const char *name, phys= _addr_t size, > cma_area_count++; > > if (name) > - snprintf(cma->name, CMA_MAX_NAME, name); > + snprintf(cma->name, CMA_MAX_NAME, "%s", name); > else > snprintf(cma->name, CMA_MAX_NAME, "cma%d\n", cma_area_co= unt); > > -- > 2.39.5 > Yes, thanks - not sure why I didn't use "%s" there. Reviewed-by: Frank van der Linden