lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <89e0378d-f03d-42ef-9495-ada312dd5139@linuxfoundation.org> Date: Thu, 30 Nov 2023 14:36:10 -0700 From: Shuah Khan <skhan@...uxfoundation.org> To: angquan yu <angquan21@...il.com> Cc: shuah@...nel.org, linux-kselftest@...r.kernel.org, linux-kernel@...r.kernel.org, linux-kernel-mentees@...ts.linuxfoundation.org, Shuah Khan <skhan@...uxfoundation.org> Subject: Re: [PATCH] selftests:breakpoints: Fix Format String Warning in breakpoint_test On 11/28/23 20:57, angquan yu wrote: > From: angquan yu <angquan21@...il.com> > > This commit resolves a compiler warning regardingthe > use of non-literal format strings in breakpoint_test.c. > > The functions `ksft_test_result_pass` and `ksft_test_result_fail` > were previously called with a variable `msg` directly, which could > potentially lead to format string vulnerabilities. > > Changes made: > - Modified the calls to `ksft_test_result_pass` and `ksft_test_result_fail` > by adding a "%s" format specifier. This explicitly declares `msg` as a > string argument, adhering to safer coding practices and resolving > the compiler warning. > > This change does not affect the functional behavior of the code but ensures > better code safety and compliance with recommended C programming standards. > > The previous warning is "breakpoint_test.c:287:17: > warning: format not a string literal and no format arguments > [-Wformat-security] > 287 | ksft_test_result_pass(msg); > | ^~~~~~~~~~~~~~~~~~~~~ > breakpoint_test.c:289:17: warning: format not a string literal > and no format arguments [-Wformat-security] > 289 | ksft_test_result_fail(msg); > | " > > Signed-off-by: angquan yu <angquan21@...il.com> Thank you foe the fix. Applied to linux-kselftest next Linux 6.8-rc1 thanks, -- Shuah
Powered by blists - more mailing lists