lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20210423100146.GQ3@paasikivi.fi.intel.com>
Date:   Fri, 23 Apr 2021 13:01:46 +0300
From:   Sakari Ailus <sakari.ailus@...ux.intel.com>
To:     Rasmus Villemoes <linux@...musvillemoes.dk>
Cc:     Andrew Morton <akpm@...ux-foundation.org>,
        Petr Mladek <pmladek@...e.com>,
        Steven Rostedt <rostedt@...dmis.org>,
        Sergey Senozhatsky <sergey.senozhatsky@...il.com>,
        Andy Shevchenko <andriy.shevchenko@...ux.intel.com>,
        "Rafael J. Wysocki" <rafael.j.wysocki@...el.com>,
        stable@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] lib/vsprintf.c: remove leftover 'f' and 'F' cases from
 bstr_printf()

Hi Rasmus,

On Fri, Apr 23, 2021 at 11:45:29AM +0200, Rasmus Villemoes wrote:
> Commit 9af7706492f9 ("lib/vsprintf: Remove support for %pF and %pf in
> favour of %pS and %ps") removed support for %pF and %pf, and correctly
> removed the handling of those cases in vbin_printf(). However, the
> corresponding cases in bstr_printf() were left behind.
> 
> In the same series, %pf was re-purposed for dealing with
> fwnodes (3bd32d6a2ee6, "lib/vsprintf: Add %pfw conversion specifier
> for printing fwnode names").
> 
> So should anyone use %pf with the binary printf routines,
> vbin_printf() would (correctly, as it involves dereferencing the
> pointer) do the string formatting to the u32 array, but bstr_printf()
> would not copy the string from the u32 array, but instead interpret
> the first sizeof(void*) bytes of the formatted string as a pointer -
> which generally won't end well (also, all subsequent get_args would be
> out of sync).
> 
> Fixes: 9af7706492f9 ("lib/vsprintf: Remove support for %pF and %pf in favour of %pS and %ps")
> Cc: stable@...r.kernel.org
> Signed-off-by: Rasmus Villemoes <linux@...musvillemoes.dk>

Thanks!

Reviewed-by: Sakari Ailus <sakari.ailus@...ux.intel.com>

> ---
>  lib/vsprintf.c | 2 --
>  1 file changed, 2 deletions(-)
> 
> diff --git a/lib/vsprintf.c b/lib/vsprintf.c
> index 41ddc353ebb8..39ef2e314da5 100644
> --- a/lib/vsprintf.c
> +++ b/lib/vsprintf.c
> @@ -3135,8 +3135,6 @@ int bstr_printf(char *buf, size_t size, const char *fmt, const u32 *bin_buf)
>  			switch (*fmt) {
>  			case 'S':
>  			case 's':
> -			case 'F':
> -			case 'f':
>  			case 'x':
>  			case 'K':
>  			case 'e':
> -- 
> 2.29.2
> 

-- 
Sakari Ailus

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ