lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sat, 07 Apr 2018 17:26:40 +0300 From: Andy Shevchenko <andriy.shevchenko@...ux.intel.com> To: Petr Mladek <pmladek@...e.com>, Linus Torvalds <torvalds@...ux-foundation.org> Cc: Rasmus Villemoes <linux@...musvillemoes.dk>, "Tobin C . Harding" <me@...in.cc>, Joe Perches <joe@...ches.com>, Andrew Morton <akpm@...ux-foundation.org>, Michal Hocko <mhocko@...e.cz>, Sergey Senozhatsky <sergey.senozhatsky@...il.com>, Steven Rostedt <rostedt@...dmis.org>, Sergey Senozhatsky <sergey.senozhatsky.work@...il.com>, linux-kernel@...r.kernel.org Subject: Re: [PATCH v4 4/9] vsprintf: Consolidate handling of unknown pointer specifiers On Wed, 2018-04-04 at 10:58 +0200, Petr Mladek wrote: > There are few printk formats that make sense only with two or more > specifiers. Also some specifiers make sense only when a kernel feature > is enabled. > > The handling of unknown specifiers is strange, inconsistent, and > even leaking the address. For example, netdev_bits() prints the > non-hashed pointer value or clock() prints "(null)". > > The best solution seems to be in flags_string(). It does not print any > misleading value. Instead it calls WARN_ONCE() describing the unknown > specifier. Therefore it clearly shows the problem and helps to find > it. > > Note that WARN_ONCE() used to cause recursive printk(). But it is safe > now because vscnprintf() is called in printk_safe context from > vprintk_emit(). > > - if (!IS_ENABLED(CONFIG_HAVE_CLK) || !clk) > + if (!IS_ENABLED(CONFIG_HAVE_CLK)) { > + WARN_ONCE(1, "Unsupported pointer format specifier: > %%pC\n"); > + return buf; > + } > + > + if (!clk) > return string(buf, end, NULL, spec); This change collides with my patch series. Can you elaborate what your thoughts are about my patches? Are you going incorporate them to your series? Should I send them independently? -- Andy Shevchenko <andriy.shevchenko@...ux.intel.com> Intel Finland Oy
Powered by blists - more mailing lists