| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 26 Nov 2016 20:43:50 +0100
From: Nicolas Iooss <nicolas.iooss_linux@....org>
To: Ezequiel Garcia <ezequiel@...guardiasur.com.ar>,
linux-media@...r.kernel.org
Cc: linux-kernel@...r.kernel.org,
Nicolas Iooss <nicolas.iooss_linux@....org>
Subject: [PATCH 1/1] [media] tw686x: silent -Wformat-security warning
Using sprintf() with a non-literal string makes some compiler complain
when building with -Wformat-security (eg. clang reports "format string
is not a string literal (potentially insecure)").
Here sprintf() format parameter is indirectly a literal string so there
is no security issue. Nevertheless adding a "%s" format string to
silent the warning helps to detect real bugs in the kernel.
Signed-off-by: Nicolas Iooss <nicolas.iooss_linux@....org>
---
drivers/media/pci/tw686x/tw686x-core.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/media/pci/tw686x/tw686x-core.c b/drivers/media/pci/tw686x/tw686x-core.c
index 71a0453b1af1..336e2f9bc1b6 100644
--- a/drivers/media/pci/tw686x/tw686x-core.c
+++ b/drivers/media/pci/tw686x/tw686x-core.c
@@ -74,7 +74,7 @@ static const char *dma_mode_name(unsigned int mode)
static int tw686x_dma_mode_get(char *buffer, struct kernel_param *kp)
{
- return sprintf(buffer, dma_mode_name(dma_mode));
+ return sprintf(buffer, "%s", dma_mode_name(dma_mode));
}
static int tw686x_dma_mode_set(const char *val, struct kernel_param *kp)
--
2.10.2
Powered by blists - more mailing lists