lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 10 May 2021 12:21:34 +0200
From:   Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To:     linux-kernel@...r.kernel.org
Cc:     Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        stable@...r.kernel.org,
        Rasmus Villemoes <linux@...musvillemoes.dk>,
        Sakari Ailus <sakari.ailus@...ux.intel.com>,
        Petr Mladek <pmladek@...e.com>
Subject: [PATCH 5.10 297/299] lib/vsprintf.c: remove leftover f and F cases from bstr_printf()

From: Rasmus Villemoes <linux@...musvillemoes.dk>

commit 84696cfaf4d90945eb2a8302edc6cf627db56b84 upstream.

Commit 9af7706492f9 ("lib/vsprintf: Remove support for %pF and %pf in
favour of %pS and %ps") removed support for %pF and %pf, and correctly
removed the handling of those cases in vbin_printf(). However, the
corresponding cases in bstr_printf() were left behind.

In the same series, %pf was re-purposed for dealing with
fwnodes (3bd32d6a2ee6, "lib/vsprintf: Add %pfw conversion specifier
for printing fwnode names").

So should anyone use %pf with the binary printf routines,
vbin_printf() would (correctly, as it involves dereferencing the
pointer) do the string formatting to the u32 array, but bstr_printf()
would not copy the string from the u32 array, but instead interpret
the first sizeof(void*) bytes of the formatted string as a pointer -
which generally won't end well (also, all subsequent get_args would be
out of sync).

Fixes: 9af7706492f9 ("lib/vsprintf: Remove support for %pF and %pf in favour of %pS and %ps")
Cc: stable@...r.kernel.org
Signed-off-by: Rasmus Villemoes <linux@...musvillemoes.dk>
Reviewed-by: Sakari Ailus <sakari.ailus@...ux.intel.com>
Signed-off-by: Petr Mladek <pmladek@...e.com>
Link: https://lore.kernel.org/r/20210423094529.1862521-1-linux@rasmusvillemoes.dk
Signed-off-by: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
---
 lib/vsprintf.c |    2 --
 1 file changed, 2 deletions(-)

--- a/lib/vsprintf.c
+++ b/lib/vsprintf.c
@@ -3102,8 +3102,6 @@ int bstr_printf(char *buf, size_t size,
 			switch (*fmt) {
 			case 'S':
 			case 's':
-			case 'F':
-			case 'f':
 			case 'x':
 			case 'K':
 			case 'e':

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ