| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 12 Jan 2024 10:22:44 +0100
From: Geert Uytterhoeven <geert@...ux-m68k.org>
To: Petr Mladek <pmladek@...e.com>
Cc: "James E . J . Bottomley" <jejb@...ux.ibm.com>, "Martin K . Petersen" <martin.petersen@...cle.com>,
linux-scsi@...r.kernel.org, linux-kernel@...r.kernel.org,
Chris Down <chris@...isdown.name>, oe-kbuild-all@...ts.linux.dev,
kernel test robot <lkp@...el.com>, Arnd Bergmann <arnd@...db.de>
Subject: Re: [PATCH] scsi: core: Safe warning about bad dev info string
Hi Petr,
On Thu, Jan 11, 2024 at 5:26 PM Petr Mladek <pmladek@...e.com> wrote:
> Both "model" and "strflags" are passed to "%s" even when one or both
> are NULL.
>
> It is safe because vsprintf() would detect the NULL pointer and print
> "(null)". But it is a kernel-specific feature and compiler warns
> about it:
>
> <warning>
> In file included from include/linux/kernel.h:19,
> from arch/x86/include/asm/percpu.h:27,
> from arch/x86/include/asm/current.h:6,
> from include/linux/sched.h:12,
> from include/linux/blkdev.h:5,
> from drivers/scsi/scsi_devinfo.c:3:
> drivers/scsi/scsi_devinfo.c: In function 'scsi_dev_info_list_add_str':
> >> include/linux/printk.h:434:44: warning: '%s' directive argument is null [-Wformat-overflow=]
> 434 | #define printk(fmt, ...) printk_index_wrap(_printk, fmt, ##__VA_ARGS__)
> | ^
> include/linux/printk.h:430:3: note: in definition of macro 'printk_index_wrap'
> 430 | _p_func(_fmt, ##__VA_ARGS__); \
> | ^~~~~~~
> drivers/scsi/scsi_devinfo.c:551:4: note: in expansion of macro 'printk'
> 551 | printk(KERN_ERR "%s: bad dev info string '%s' '%s'"
> | ^~~~~~
> drivers/scsi/scsi_devinfo.c:552:14: note: format string is defined here
> 552 | " '%s'\n", __func__, vendor, model,
> | ^~
> </warning>
>
> Do not rely on the kernel specific behavior and print the message a safe way.
>
> Reported-by: kernel test robot <lkp@...el.com>
> Closes: https://lore.kernel.org/oe-kbuild-all/202401112002.AOjwMNM0-lkp@intel.com/
> Signed-off-by: Petr Mladek <pmladek@...e.com>
> ---
> Note: The patch is only compile tested.
>
> drivers/scsi/scsi_devinfo.c | 6 +++---
> 1 file changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/drivers/scsi/scsi_devinfo.c b/drivers/scsi/scsi_devinfo.c
> index 3fcaf10a9dfe..ba7237e83863 100644
> --- a/drivers/scsi/scsi_devinfo.c
> +++ b/drivers/scsi/scsi_devinfo.c
> @@ -551,9 +551,9 @@ static int scsi_dev_info_list_add_str(char *dev_list)
> if (model)
> strflags = strsep(&next, next_check);
> if (!model || !strflags) {
> - printk(KERN_ERR "%s: bad dev info string '%s' '%s'"
> - " '%s'\n", __func__, vendor, model,
> - strflags);
> + pr_err("%s: bad dev info string '%s' '%s' '%s'\n",
> + __func__, vendor, model ? model : "",
> + strflags ? strflags : "");
Do we really want to make this change?
The kernel's vsprintf() implementation has supported NULL pointers
since forever, and lots of code relies on that behavior.
Perhaps this warning can be disabled instead?
> res = -EINVAL;
> } else
> res = scsi_dev_info_list_add(0 /* compatible */, vendor,
Gr{oetje,eeting}s,
Geert
--
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@...ux-m68korg
In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
-- Linus Torvalds
Powered by blists - more mailing lists