lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <9c0b08f9-7c0b-4452-bbd2-a7e23bbcf572@web.de>
Date: Wed, 24 Jul 2024 16:38:58 +0200
From: Markus Elfring <Markus.Elfring@....de>
To: Zhu Jun <zhujun2@...s.chinamobile.com>, bpf@...r.kernel.org,
 Quentin Monnet <qmo@...nel.org>
Cc: LKML <linux-kernel@...r.kernel.org>, Alexei Starovoitov <ast@...nel.org>,
 Daniel Borkmann <daniel@...earbox.net>, Eduard Zingerman
 <eddyz87@...il.com>, Hao Luo <haoluo@...gle.com>,
 John Fastabend <john.fastabend@...il.com>, KP Singh <kpsingh@...nel.org>,
 Martin KaFai Lau <martin.lau@...ux.dev>, Song Liu <song@...nel.org>,
 Stanislav Fomichev <sdf@...ichev.me>, Yonghong Song <yonghong.song@...ux.dev>
Subject: Re: [PATCH v3] tools/bpf: Fix the wrong format specifier

> The format specifier of "unsigned int" in printf() should be "%u", not
> "%d".

Would you like to add any tags (like “Fixes” and “Cc”) accordingly?


…
> ---
> Changes:
…
> v3:fix compile warninf

V3:
Fix a compilation warning?


…
> +++ b/tools/bpf/bpftool/xlated_dumper.c
> @@ -316,7 +316,7 @@ void dump_xlated_plain(struct dump_data *dd, void *buf, unsigned int len,
…
> -	unsigned int i;
> +	int i;

Please do not change the data type for the variable
if you would like to adjust a subsequent format string.


…
> @@ -415,7 +415,7 @@ void dump_xlated_for_graph(struct dump_data *dd, void *buf_start, void *buf_end,
>  			}
>  		}
>
> -		printf("%d: ", insn_off);
> +		printf("%u: ", insn_off);
>  		print_bpf_insn(&cbs, cur, true);
…

How do you think about to care more also for the return value from such a function call?
https://wiki.sei.cmu.edu/confluence/display/c/ERR33-C.+Detect+and+handle+standard+library+errors

Regards,
Markus

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ