| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <ee5a5bf2-a014-448c-9e28-d4caea3f481e@lunn.ch> Date: Mon, 16 Sep 2024 22:37:36 +0200 From: Andrew Lunn <andrew@...n.ch> To: "Russell King (Oracle)" <linux@...linux.org.uk> Cc: Raju Lakkaraju <Raju.Lakkaraju@...rochip.com>, Christophe JAILLET <christophe.jaillet@...adoo.fr>, netdev@...r.kernel.org, davem@...emloft.net, edumazet@...gle.com, kuba@...nel.org, pabeni@...hat.com, bryan.whitehead@...rochip.com, UNGLinuxDriver@...rochip.com, maxime.chevallier@...tlin.com, rdunlap@...radead.org, Steen.Hegelund@...rochip.com, daniel.machon@...rochip.com, linux-kernel@...r.kernel.org Subject: Re: [PATCH net-next V2 2/5] net: lan743x: Add support to software-nodes for sfp > If you really want to do this kind of thing, at least write it in > a safe way... > > snprintf(..., "%s", string); > > rather than: > > snprintf(..., string); > > so that "string" doesn't attempt to be escape-expanded. One of the static analysers is complaining about this danger, or it might be GCC itself if you up the warning level. The kernel hardening people are replacing all such bad cases, one by one. So we definitely don't want to add more. Andrew
Powered by blists - more mailing lists