| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <825016aa048b95b4e5db9c26e9046d82fc4b6a84.camel@linux.intel.com>
Date: Tue, 10 Jun 2025 10:20:28 -0700
From: srinivas pandruvada <srinivas.pandruvada@...ux.intel.com>
To: Arnd Bergmann <arnd@...nel.org>, Hans de Goede <hdegoede@...hat.com>,
Ilpo Järvinen
<ilpo.jarvinen@...ux.intel.com>
Cc: Arnd Bergmann <arnd@...db.de>, Tero Kristo
<tero.kristo@...ux.intel.com>, Peter Zijlstra <peterz@...radead.org>,
platform-driver-x86@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] platform/x86/intel-uncore-freq: avoid non-literal
format string
On Tue, 2025-06-10 at 11:34 +0200, Arnd Bergmann wrote:
> From: Arnd Bergmann <arnd@...db.de>
>
> Using a string variable in place of a format string causes a W=1
> build warning:
>
I am not able to reproduce with W=1 with gcc 15.1.1 20250521 (Red Hat
15.1.1-2).
$touch drivers/platform/x86/intel/uncore-frequency/uncore-frequency-
common.c
$ make -j128 W=1
DESCEND objtool
CALL scripts/checksyscalls.sh
INSTALL libsubcmd_headers
.pylintrc: warning: ignored by one of the .gitignore files
CC [M] drivers/platform/x86/intel/uncore-frequency/uncore-frequency-
common.o
LD [M] drivers/platform/x86/intel/uncore-frequency/intel-uncore-
frequency-common.o
But verified the change:
Tested-by: Srinivas Pandruvada <srinivas.pandruvada@...ux.intel.com>
Thanks,
Srinivas
> drivers/platform/x86/intel/uncore-frequency/uncore-frequency-
> common.c:61:40: error: format string is not a string literal
> (potentially insecure) [-Werror,-Wformat-security]
> 61 | length += sysfs_emit_at(buf, length,
> agent_name[agent]);
> |
> ^~~~~~~~~~~~~~~~~
>
> Use the safer "%s" format string to print it instead.
>
> Fixes: b98fa870fce2 ("platform/x86/intel-uncore-freq: Add attributes
> to show agent types")
> Signed-off-by: Arnd Bergmann <arnd@...db.de>
> ---
> .../x86/intel/uncore-frequency/uncore-frequency-common.c | 2
> +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/platform/x86/intel/uncore-frequency/uncore-
> frequency-common.c b/drivers/platform/x86/intel/uncore-
> frequency/uncore-frequency-common.c
> index 0f8aea18275b..65897fae17df 100644
> --- a/drivers/platform/x86/intel/uncore-frequency/uncore-frequency-
> common.c
> +++ b/drivers/platform/x86/intel/uncore-frequency/uncore-frequency-
> common.c
> @@ -58,7 +58,7 @@ static ssize_t show_agent_types(struct kobject
> *kobj, struct kobj_attribute *att
> if (length)
> length += sysfs_emit_at(buf, length, " ");
>
> - length += sysfs_emit_at(buf, length,
> agent_name[agent]);
> + length += sysfs_emit_at(buf, length, "%s",
> agent_name[agent]);
> }
>
> length += sysfs_emit_at(buf, length, "\n");
Powered by blists - more mailing lists