lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Fri, 5 Jun 2020 18:58:51 -0700
From:   Kees Cook <keescook@...omium.org>
To:     David Howells <dhowells@...hat.com>,
        Linus Torvalds <torvalds@...ux-foundation.org>
Cc:     linux-afs@...ts.infradead.org,
        Jeffrey Altman <jaltman@...istor.com>,
        linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 18/27] afs: Detect cell aliases 1 - Cells with root
 volumes

On Fri, May 29, 2020 at 11:02:15PM +0100, David Howells wrote:
> +static struct afs_volume *afs_sample_volume(struct afs_cell *cell, struct key *key,
> +					    const char *name, unsigned int namelen)
> +{
> +	struct afs_volume *volume;
> +	struct afs_fs_context fc = {
> +		.type		= 0, /* Explicitly leave it to the VLDB */
> +		.volnamesz	= namelen,
> +		.volname	= name,
> +		.net		= cell->net,
> +		.cell		= cell,
> +		.key		= key, /* This might need to be something */
> +	};
> +
> +	volume = afs_create_volume(&fc);
> +	_leave(" = %px", volume);
> +	return volume;
> +}

This really doesn't seem like a justified[1] place for %px. (Even if
_leavel() is debug-only, all the rest of _leave() uses are %p.)

> +	default:
> +		BUG();

And nothing should add BUG() to new code[2].

-Kees

[1] https://www.kernel.org/doc/html/latest/process/deprecated.html#p-format-specifier
[2] https://www.kernel.org/doc/html/latest/process/deprecated.html#bug-and-bug-on

-- 
Kees Cook

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ