lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <YLZX9oicn8u4ZVCl@smile.fi.intel.com>
Date:   Tue, 1 Jun 2021 18:53:26 +0300
From:   Andy Shevchenko <andy.shevchenko@...il.com>
To:     Matthew Wilcox <willy@...radead.org>
Cc:     Justin He <Justin.He@....com>,
        Linus Torvalds <torvalds@...ux-foundation.org>,
        Petr Mladek <pmladek@...e.com>,
        Steven Rostedt <rostedt@...dmis.org>,
        Sergey Senozhatsky <senozhatsky@...omium.org>,
        Rasmus Villemoes <linux@...musvillemoes.dk>,
        Jonathan Corbet <corbet@....net>,
        Alexander Viro <viro@...iv.linux.org.uk>,
        Luca Coelho <luciano.coelho@...el.com>,
        Kalle Valo <kvalo@...eaurora.org>,
        "David S. Miller" <davem@...emloft.net>,
        Jakub Kicinski <kuba@...nel.org>,
        Heiko Carstens <hca@...ux.ibm.com>,
        Vasily Gorbik <gor@...ux.ibm.com>,
        Christian Borntraeger <borntraeger@...ibm.com>,
        Johannes Berg <johannes.berg@...el.com>,
        "linux-doc@...r.kernel.org" <linux-doc@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "linux-wireless@...r.kernel.org" <linux-wireless@...r.kernel.org>,
        "netdev@...r.kernel.org" <netdev@...r.kernel.org>,
        "linux-s390@...r.kernel.org" <linux-s390@...r.kernel.org>,
        Linux FS Devel <linux-fsdevel@...r.kernel.org>
Subject: Re: [PATCH RFCv2 2/3] lib/vsprintf.c: make %pD print full path for
 file

On Tue, Jun 01, 2021 at 04:44:00PM +0100, Matthew Wilcox wrote:
> On Tue, Jun 01, 2021 at 06:36:41PM +0300, Andy Shevchenko wrote:
> > On Tue, Jun 1, 2021 at 6:32 PM Matthew Wilcox <willy@...radead.org> wrote:
> > > On Tue, Jun 01, 2021 at 02:42:15PM +0000, Justin He wrote:
> > 
> > ...
> > 
> > > Just don't put anything
> > > in the buffer if the user didn't supply enough space.  As long as you
> > > get the return value right, they know the string is bad (or they don't
> > > care if the string is bad)
> > 
> > It might be that I'm out of context here, but printf() functionality
> > in the kernel (vsprintf() if being precise)  and its users consider
> > that it should fill buffer up to the end of whatever space is
> > available.
> 
> Do they though?  What use is it to specify a small buffer, print a
> large filename into it and then use that buffer, knowing that it wasn't
> big enough?  That would help decide whether we should print the
> start or the end of the filename.
> 
> Remember, we're going for usefulness here, not abiding by the letter of
> the standard under all circumstances, no matter the cost.  At least
> partially because we're far outside the standard here; POSIX does
> not specify what %pD does.
> 
> "The argument shall be a pointer to void. The value of the
> pointer is converted to a sequence of printable characters, in an
> implementation-defined manner."

All nice words, but don't forget kasprintf() or other usages like this.
For the same input we have to have the same result independently on the room in
the buffer.

So, if I print "Hello, World" I should always get it, not "Monkey's Paw".
I.o.w.

 snprintf(10) ==> "Hello, Wor"
 snprintf(5)  ==> "Hello"
 snprintf(2)  !=> "Mo"
 snprintf(1)  !=> "M"
 snprintf(1)  ==> "H"

Inconsistency here is really not what we want.


-- 
With Best Regards,
Andy Shevchenko


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ