lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 07 Oct 2022 15:35:29 +0200 From: Johannes Berg <johannes@...solutions.net> To: ecree@...inx.com, netdev@...r.kernel.org, linux-net-drivers@....com Cc: davem@...emloft.net, kuba@...nel.org, pabeni@...hat.com, edumazet@...gle.com, habetsm.xilinx@...il.com, marcelo.leitner@...il.com, Edward Cree <ecree.xilinx@...il.com> Subject: Re: [RFC PATCH net-next 1/3] netlink: add support for formatted extack messages > +#define NL_SET_ERR_MSG_FMT(extack, fmt, args...) do { \ > + struct netlink_ext_ack *__extack = (extack); \ > + \ > + scnprintf(__extack->_msg_buf, NETLINK_MAX_FMTMSG_LEN, \ > + (fmt), ##args); \ Maybe that should print some kind of warning if the string was longer than the buffer? OTOH, I guess the user would notice anyway, and until you run the code nobody can possibly notice ... too bad then? Maybe we could at least _statically_ make sure that the *format* string (fmt) is shorter than say 60 chars or something to give some wiggle room for the print expansion? /* allow 20 chars for format expansion */ BUILD_BUG_ON(strlen(fmt) > NETLINK_MAX_FMTMSG_LEN - 20); might even work? Just as a sanity check. > + do_trace_netlink_extack(__extack->_msg_buf); \ > + \ > + if (__extack) \ > + __extack->_msg = __extack->_msg_buf; \ That "if (__extack)" check seems a bit strange, you've long crashed with a NPD if it was really NULL? johannes
Powered by blists - more mailing lists