| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 28 Aug 2006 13:17:43 +0200 From: Krzysztof Halasa <khc@...waw.pl> To: Willy Tarreau <w@....eu> Cc: Solar Designer <solar@...nwall.com>, Ernie Petrides <petrides@...hat.com>, linux-kernel@...r.kernel.org, Alan Cox <alan@...rguk.ukuu.org.uk> Subject: Re: printk()s of user-supplied strings Willy Tarreau <w@....eu> writes: > Well, I'm not sure about this. Nearly all patches which get merged pass > through a public review first, and when you see how many replies you get > for and 'else' and and 'if' on two different lines, I expect lots of > spontaneous replies such as "use %S for user-supplied strings". I wouldn't rely on that. >> A solution would be to normally use "%S" and only use >> "%s" where "%S" wouldn't work. In that case, we could as well swap "%s" >> and "%S", though - hardening the existing "%s" and introducing "%S" for >> those callers that depend on the old behavior. I think it's the way to go. > I'd rather not change "%s" semantics if we introduce another specifier > which does exactly what we would expect "%s" to do. Both would be equivalent in most cases. It's better to use "%s" for most cases (either secured or not) and leave "%S" for the bunch of special cases whose authors better know what are they doing. > I will try your proposal to retain the trailing '\n' unescaped. I think with "%s" and "%S" this is no longer needed. -- Krzysztof Halasa - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists