lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <73c94414-43a4-4aad-ac5a-5daf570ec975@gmail.com>
Date: Sun, 14 Jul 2024 20:14:13 +0200
From: Mirsad Todorovac <mtodorovac69@...il.com>
To: reiserfs-devel@...r.kernel.org
Cc: Biggers <ebiggers@...gle.com>,
 Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
 "Gustavo A. R. Silva" <gustavoars@...nel.org>,
 Christian Brauner <brauner@...nel.org>,
 "Matthew Wilcox (Oracle)" <willy@...radead.org>, Jan Kara <jack@...e.cz>,
 Al Viro <viro@...iv.linux.org.uk>, Jeff Layton <jlayton@...nel.org>,
 Andy Shevchenko <andriy.shevchenko@...ux.intel.com>
Subject: [BUG linux-next] error: function ‘prepare_error_buf’ might be a candidate for ‘gnu_printf’ format attribute

Hi, all,

In linux-next vanilla tree, GCC 12.3.0 gives such error with .config in attachment:

fs/reiserfs/prints.c: In function ‘prepare_error_buf’:
fs/reiserfs/prints.c:221:17: error: function ‘prepare_error_buf’ might be a candidate for ‘gnu_printf’ format attribute [-Werror=suggest-attribute=format]
  221 |                 p += vscnprintf(p, end - p, fmt1, args);
      |                 ^
fs/reiserfs/prints.c:260:9: error: function ‘prepare_error_buf’ might be a candidate for ‘gnu_printf’ format attribute [-Werror=suggest-attribute=format]
  260 |         p += vscnprintf(p, end - p, fmt1, args);
      |         ^

202 static DEFINE_SPINLOCK(error_lock);
203 static void prepare_error_buf(const char *fmt, va_list args)
204 {


205         char *fmt1 = fmt_buf;
206         char *k;
207         char *p = error_buf;
208         char * const end = &error_buf[sizeof(error_buf)];
209         int what;
210 
211         spin_lock(&error_lock);
212 
213         if (WARN_ON(strscpy(fmt_buf, fmt, sizeof(fmt_buf)) < 0)) {
214                 strscpy(error_buf, "format string too long", end - error_buf);
215                 goto out_unlock;
216         }
217 
218         while ((k = is_there_reiserfs_struct(fmt1, &what)) != NULL) {
219                 *k = 0;
220 
221   →             p += vscnprintf(p, end - p, fmt1, args);
222 
223                 switch (what) {
224                 case 'k':
225                         p += scnprintf_le_key(p, end - p,
226                                               va_arg(args, struct reiserfs_key *));
227                         break;
228                 case 'K':
229                         p += scnprintf_cpu_key(p, end - p,
230                                                va_arg(args, struct cpu_key *));
231                         break;
232                 case 'h':
233                         p += scnprintf_item_head(p, end - p,
234                                                  va_arg(args, struct item_head *));
235                         break;
236                 case 't':
237                         p += scnprintf_direntry(p, end - p,
238                                                 va_arg(args, struct reiserfs_dir_entry *));
239                         break;
240                 case 'y':
241                         p += scnprintf_disk_child(p, end - p,
242                                                   va_arg(args, struct disk_child *));
243                         break;
244                 case 'z':
245                         p += scnprintf_block_head(p, end - p,
246                                                   va_arg(args, struct buffer_head *));
247                         break;
248                 case 'b':
249                         p += scnprintf_buffer_head(p, end - p,
250                                                    va_arg(args, struct buffer_head *));
251                         break;
252                 case 'a':
253                         p += scnprintf_de_head(p, end - p,
254                                                va_arg(args, struct reiserfs_de_head *));
255                         break;
256                 }
257 
258                 fmt1 = k + 2;
259         }
260         p += vscnprintf(p, end - p, fmt1, args);
261 out_unlock:
262         spin_unlock(&error_lock);
263 
264 }

Now, this seems unfixable, as we see in include/linux/sprintf.h

__printf(2, 3) int sprintf(char *buf, const char * fmt, ...);
__printf(2, 0) int vsprintf(char *buf, const char *, va_list);
__printf(3, 4) int snprintf(char *buf, size_t size, const char *fmt, ...);
__printf(3, 0) int vsnprintf(char *buf, size_t size, const char *fmt, va_list args);
__printf(3, 4) int scnprintf(char *buf, size_t size, const char *fmt, ...);
__printf(3, 0) int vscnprintf(char *buf, size_t size, const char *fmt, va_list args);
__printf(2, 3) __malloc char *kasprintf(gfp_t gfp, const char *fmt, ...);
__printf(2, 0) __malloc char *kvasprintf(gfp_t gfp, const char *fmt, va_list args);
__printf(2, 0) const char *kvasprintf_const(gfp_t gfp, const char *fmt, va_list args);

__scanf(2, 3) int sscanf(const char *, const char *, ...);
__scanf(2, 0) int vsscanf(const char *, const char *, va_list);

When va_list is used to transfer params to the format checker, he cannot know what
will be in "va list args" at the runtime, can he?

That is why __printf(2, 0) is used as suggested format, but GCC 12.3.0 still complains
with warnings (or errors) like above.

Is there a workaround against this?

Thanks.

Best regards,
Mirsad Todorovac
View attachment ".config" of type "text/plain" (134865 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ