lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-Id: <9e9725342ca3dfc0f5e3e0b8ca3c482b0e5712cc.1520356392.git.joe@perches.com>
Date:   Tue,  6 Mar 2018 09:14:58 -0800
From:   Joe Perches <joe@...ches.com>
To:     Andrew Morton <akpm@...ux-foundation.org>,
        Andy Whitcroft <apw@...onical.com>
Cc:     Chuck Lever <chuck.lever@...cle.com>, linux-kernel@...r.kernel.org
Subject: [PATCH] checkpatch: Improve get_quoted_string for TRACE_EVENT macros

The get_quoted_string function does not expect invalid arguments.

The $stat test can return non-statements for complicated macros
like TRACE_EVENT.

Allow the $stat block and test for vsprintf misuses to exceed
the actual block lenght and possibly test invalid lines by
validating the arguments of get_quoted_string.

return "" if either get_quoted_string argument is undefined.

Miscellanea:

o Properly align the comment for the vsprintf extension test

Signed-off-by: Joe Perches <joe@...ches.com>
Reported-by: Chuck Lever <chuck.lever@...cle.com>
---
 scripts/checkpatch.pl | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl
index 16e542f4e027..5a6cef8f2376 100755
--- a/scripts/checkpatch.pl
+++ b/scripts/checkpatch.pl
@@ -1298,6 +1298,7 @@ sub sanitise_line {
 sub get_quoted_string {
 	my ($line, $rawline) = @_;
 
+	return "" if (!defined($line) || !defined($rawline));
 	return "" if ($line !~ m/($String)/g);
 	return substr($rawline, $-[0], $+[0] - $-[0]);
 }
@@ -5817,7 +5818,7 @@ sub process {
 			}
 		}
 
-		# check for vsprintf extension %p<foo> misuses
+# check for vsprintf extension %p<foo> misuses
 		if ($^V && $^V ge 5.10.0 &&
 		    defined $stat &&
 		    $stat =~ /^\+(?![^\{]*\{\s*).*\b(\w+)\s*\(.*$String\s*,/s &&
-- 
2.15.0

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ