lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20200902153113.qxqkpm2o6a6pgoka@medion>
Date:   Wed, 2 Sep 2020 16:31:13 +0100
From:   Alex Dewar <alex.dewar90@...il.com>
To:     Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc:     Alex Dewar <alex.dewar90@...il.com>,
        "Rafael J. Wysocki" <rafael@...nel.org>,
        Christian Brauner <christian.brauner@...ntu.com>,
        "David S. Miller" <davem@...emloft.net>,
        Nayna Jain <nayna@...ux.ibm.com>,
        Dan Williams <dan.j.williams@...el.com>,
        Mauro Carvalho Chehab <mchehab+huawei@...nel.org>,
        Sourabh Jain <sourabhjain@...ux.ibm.com>,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH RFC 2/2] sysfs: add helper macro for showing simple
 integer values

On Sun, Aug 30, 2020 at 11:13:53AM +0200, Greg Kroah-Hartman wrote:
> On Sun, Aug 30, 2020 at 12:37:17AM +0100, Alex Dewar wrote:
> > sysfs attributes are supposed to be only single values, which are
> > printed into a buffer of PAGE_SIZE. Accordingly, for many simple
> > attributes, sprintf() can be used like so:
> > 	static ssize_t my_show(..., char *buf)
> > 	{
> > 		...
> > 		return sprintf("%d\n", my_integer);
> > 	}
> > 
> > The problem is that whilst this use of sprintf() is memory safe, other
> > cases where e.g. a possibly unterminated string is passed as input, are
> > not and so use of sprintf() here might make it more difficult to
> > identify these problematic cases.
> > 
> > Define a macro, sysfs_sprinti(), which outputs the value of a single
> > integer to a buffer (with terminating "\n\0") and returns the size written.
> > This way, we can convert over the some of the trivially correct users of
> > sprintf() and decrease its usage in the kernel source tree.
> > 
> > Another advantage of this approach is that we can now statically check
> > the type of the integer so that e.g. an unsigned long long will be
> > formatted as %llu. This will fix cases where the wrong format string has
> > been passed to sprintf().
> > 
> > Signed-off-by: Alex Dewar <alex.dewar90@...il.com>
> > ---
> >  include/linux/sysfs.h | 31 +++++++++++++++++++++++++++++++
> >  1 file changed, 31 insertions(+)
> 
> Did you try this out?  Don't you need to return the number of bytes
> written?

I tried it out, but maybe not thoroughly enough ;-)

> 
> I like Joe's patches better, this feels like more work...

Fair enough. As Joe's pointed out, even for single numbers the
formatting is sometimes more complicated, so his approach does seem
best. Thanks for looking though :-)

> 
> thanks,
> 
> greg k-h

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ