| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <87a55fw5aq.fsf@prevas.dk> Date: Tue, 08 Jul 2025 08:43:57 +0200 From: Rasmus Villemoes <linux@...musvillemoes.dk> To: Alejandro Colomar <alx@...nel.org> Cc: linux-mm@...ck.org, linux-hardening@...r.kernel.org, Kees Cook <kees@...nel.org>, Christopher Bazley <chris.bazley.wg14@...il.com>, shadow <~hallyn/shadow@...ts.sr.ht>, linux-kernel@...r.kernel.org, Andrew Morton <akpm@...ux-foundation.org>, kasan-dev@...glegroups.com, Dmitry Vyukov <dvyukov@...gle.com>, Alexander Potapenko <glider@...gle.com>, Marco Elver <elver@...gle.com>, Christoph Lameter <cl@...ux.com>, David Rientjes <rientjes@...gle.com>, Vlastimil Babka <vbabka@...e.cz>, Roman Gushchin <roman.gushchin@...ux.dev>, Harry Yoo <harry.yoo@...cle.com> Subject: Re: [RFC v1 0/3] Add and use seprintf() instead of less ergonomic APIs On Sat, Jul 05 2025, Alejandro Colomar <alx@...nel.org> wrote: > On top of that, I have a question about the functions I'm adding, > and the existing kernel snprintf(3): The standard snprintf(3) > can fail (return -1), but the kernel one doesn't seem to return <0 ever. > Should I assume that snprintf(3) doesn't fail here? Yes. Just because the standard says it may return an error, as a QoI thing the kernel's implementation never fails. That also means that we do not ever do memory allocation or similar in the guts of vsnsprintf (that would anyway be a mine field of locking bugs). If we hit some invalid or unsupported format specifier (i.e. a bug in the caller), we return early, but still report what we wrote until hitting that. Rasmus
Powered by blists - more mailing lists