| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20251204165129.GC983706@yaz-khff2.amd.com>
Date: Thu, 4 Dec 2025 11:51:29 -0500
From: Yazen Ghannam <yazen.ghannam@....com>
To: Arnd Bergmann <arnd@...nel.org>
Cc: Borislav Petkov <bp@...en8.de>, Tony Luck <tony.luck@...el.com>,
Avadhut Naik <avadhut.naik@....com>, Arnd Bergmann <arnd@...db.de>,
Ingo Molnar <mingo@...nel.org>, Qiuxu Zhuo <qiuxu.zhuo@...el.com>,
Thorsten Blum <thorsten.blum@...ux.dev>,
Mario Limonciello <mario.limonciello@....com>,
linux-edac@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] EDAC/amd64: avoid -Wformat-security warning
On Thu, Dec 04, 2025 at 11:02:25AM +0100, Arnd Bergmann wrote:
> From: Arnd Bergmann <arnd@...db.de>
>
> Using a variable as a format string causes a (default-disabled) warning:
>
> drivers/edac/amd64_edac.c: In function 'per_family_init':
> drivers/edac/amd64_edac.c:3914:17: error: format not a string literal and no format arguments [-Werror=format-security]
> 3914 | scnprintf(pvt->ctl_name, sizeof(pvt->ctl_name), tmp_name);
> | ^~~~~~~~~
>
> The code here is safe, but in order to enable the warning by default in
> the future, change this instance to pass the name indirectly.
>
> Fixes: e9abd990aefd ("EDAC/amd64: Generate ctl_name string at runtime")
> Signed-off-by: Arnd Bergmann <arnd@...db.de>
> ---
Reviewed-by: Yazen Ghannam <yazen.ghannam@....com>
Thanks,
Yazen
Powered by blists - more mailing lists