lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <202010070014.76AA763CE@keescook>
Date:   Wed, 7 Oct 2020 00:16:01 -0700
From:   Kees Cook <keescook@...omium.org>
To:     Joe Perches <joe@...ches.com>
Cc:     Andrew Morton <akpm@...ux-foundation.org>,
        Mike Kravetz <mike.kravetz@...cle.com>,
        Christoph Lameter <cl@...ux.com>,
        Pekka Enberg <penberg@...nel.org>,
        David Rientjes <rientjes@...gle.com>,
        Joonsoo Kim <iamjoonsoo.kim@....com>, linux-mm@...ck.org,
        linux-kernel <linux-kernel@...r.kernel.org>,
        Greg KH <gregkh@...uxfoundation.org>
Subject: Re: [PATCH -next] mm: Use sysfs_emit functions not sprintf

On Tue, Oct 06, 2020 at 09:28:17AM -0700, Joe Perches wrote:
> Convert the various uses of sprintf/snprintf/scnprintf to
> format sysfs output to sysfs_emit and sysfs_emit_at to make
> clear the output is sysfs related and to avoid any possible
> buffer overrun of the PAGE_SIZE buffer.
> 
> Done with cocci scripts and some typing.

Can you include the cocci script in the commit log? It might be nicer to
split the "manual" changes from the cocci changes, as that makes review
much easier too.

Regardless, yes, I'm a fan of switching these all around to
sysfs_emit*(). :)

Thanks!

-- 
Kees Cook

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ