| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 9 Dec 2015 00:52:58 +0100
From: Nicolas Iooss <nicolas.iooss_linux@....org>
To: Emil Velikov <emil.l.velikov@...il.com>
Cc: Boris Brezillon <boris.brezillon@...e-electrons.com>,
David Airlie <airlied@...ux.ie>,
Jianwei Wang <jianwei.wang.chn@...il.com>,
Alison Wang <alison.wang@...escale.com>,
Mark Yao <mark.yao@...k-chips.com>,
Thierry Reding <thierry.reding@...il.com>,
Terje Bergström <tbergstrom@...dia.com>,
Stephen Warren <swarren@...dotorg.org>,
ML dri-devel <dri-devel@...ts.freedesktop.org>,
linux-tegra@...r.kernel.org,
"Linux-Kernel@...r. Kernel. Org" <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH 1/2] drm: make drm_dev_set_unique() not use a format
string
On 12/09/2015 12:28 AM, Emil Velikov wrote:
> On 8 December 2015 at 22:12, Nicolas Iooss <nicolas.iooss_linux@....org> wrote:
>> drm_dev_set_unique() uses a format string to define the unique name of a
>> device. This feature is not used as currently all the calls to this
>> function either use "%s" as a format string or directly use
>> dev_name().
>>
>> Even though this second kind of call does not introduce security
>> problems, because there cannot be "%" characters in dev_name() results,
>> gcc issues a warning when building with -Wformat-security flag
>> ("warning: format string is not a string literal (potentially
>> insecure)"). This warning is useful to find real bugs like the one
>> fixed by commit 3958b79266b1 ("configfs: fix kernel infoleak through
>> user-controlled format string"). False positives which do not bring
>> an extra value make the work of finding real bugs harder.
>>
>> Therefore remove the format-string feature from drm_dev_set_unique().
>>
>> Signed-off-by: Nicolas Iooss <nicolas.iooss_linux@....org>
>> ---
>> drivers/gpu/drm/drm_drv.c | 11 +++--------
>> drivers/gpu/drm/nouveau/nouveau_drm.c | 2 +-
>> drivers/gpu/drm/rockchip/rockchip_drm_drv.c | 2 +-
>> include/drm/drmP.h | 2 +-
>> 4 files changed, 6 insertions(+), 11 deletions(-)
>>
>> diff --git a/drivers/gpu/drm/drm_drv.c b/drivers/gpu/drm/drm_drv.c
>> index 7dd6728dd092..20eaa0aae205 100644
>> --- a/drivers/gpu/drm/drm_drv.c
>> +++ b/drivers/gpu/drm/drm_drv.c
>> @@ -797,7 +797,7 @@ EXPORT_SYMBOL(drm_dev_unregister);
>> /**
>> * drm_dev_set_unique - Set the unique name of a DRM device
>> * @dev: device of which to set the unique name
>> - * @fmt: format string for unique name
>> + * @name: unique name
>> *
>> * Sets the unique name of a DRM device using the specified format string and
>> * a variable list of arguments. Drivers can use this at driver probe time if
> You might want to also update the above hunk :-)
Indeed, thanks! I will wait a little bit for other feedbacks, read all
the comments/documentation to see if anything else needs an update and
submit a v2.
Nicolas
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists