| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20201003135551.GA3187@kroah.com>
Date: Sat, 3 Oct 2020 15:55:51 +0200
From: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To: Kees Cook <keescook@...omium.org>
Cc: Joe Perches <joe@...ches.com>,
"Rafael J . Wysocki" <rafael@...nel.org>,
Denis Efremov <efremov@...ux.com>,
Julia Lawall <julia.lawall@...ia.fr>,
Alex Dewar <alex.dewar90@...il.com>,
linux-kernel@...r.kernel.org, Jonathan Corbet <corbet@....net>,
linux-doc@...r.kernel.org
Subject: Re: [PATCH V3 1/8] sysfs: Add sysfs_emit and sysfs_emit_at to format
sysfs output
On Fri, Oct 02, 2020 at 03:30:30PM -0700, Kees Cook wrote:
> On Wed, Sep 30, 2020 at 09:22:19PM -0700, Joe Perches wrote:
> > On Wed, 2020-09-30 at 21:17 -0700, Kees Cook wrote:
> > > On Wed, Sep 30, 2020 at 01:57:40PM +0200, Greg Kroah-Hartman wrote:
> > > > Kees, and Rafael, I don't know if you saw this proposal from Joe for
> > > > sysfs files, questions below:
> > >
> > > I'm a fan. I think the use of sprintf() in sysfs might have been one of
> > > my earliest complaints about unsafe code patterns in the kernel. ;)
> > []
> > > > > + if (WARN(!buf || offset_in_page(buf),
> > > > > + "invalid sysfs_emit: buf:%p\n", buf))
> >
> > The dump_stack() is also going to emit pointers
> > so I don't see how it does anything but help
> > show where the buffer was. It is hashed...
>
> dump_stack() is going to report symbols and register contents.
>
> I was just pointing out that %p has no value here[1]. The interesting
> states are: "was it NULL?" "how offset was it?". Its actual content
> won't matter.
Ok, suggestions for a better error message are always welcome :)
thanks,
greg k-h
Powered by blists - more mailing lists