Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20110622165355.GB11803@albatros>
Date: Wed, 22 Jun 2011 20:53:55 +0400
From: Vasiliy Kulikov <segoon@...nwall.com>
To: Joe Perches <joe@...ches.com>
Cc: Andrew Morton <akpm@...ux-foundation.org>,
	James Morris <jmorris@...ei.org>, Ingo Molnar <mingo@...e.hu>,
	Namhyung Kim <namhyung@...il.com>,
	Greg Kroah-Hartman <gregkh@...e.de>,
	kernel-hardening@...ts.openwall.com, linux-kernel@...r.kernel.org,
	security@...nel.org
Subject: Re: [PATCH] kernel: escape non-ASCII and control characters in
 printk()

On Wed, Jun 22, 2011 at 09:38 -0700, Joe Perches wrote:
> On Wed, 2011-06-22 at 13:53 +0400, Vasiliy Kulikov wrote:
> > This patch escapes all characters outside of allowed '\n' plus 0x20-0x7E
> > charset passed to printk().
> 
> []
> 
> > diff --git a/kernel/printk.c b/kernel/printk.c
> []
> > +static void emit_log_char_escaped(char c)
> > +{
> > +	char buffer[8];
> > +	int i, len;
> > +
> > +	if ((c >= ' ' && c < 127) || c == '\n')
> 
> 	if (isprint(c))

#define isprint(c)	((__ismask(c)&(_P|_U|_L|_D|_SP)) != 0)

It slightly differs from what I've written.  It (1) lacks '\n', (2)
passes non-ASCII symbols.  How would non-ASCII symbols look like if
terminal doesn't support it?  (I don't know, merely asking).


But if >159 (the number got from _ctype[]) is not an issue then
(isprint(c) || (c == '\n')) looks really better.

> Why not add this to emit_log_char?

No real need, but someone may want to explicitly bypass the check, it
should use emit_log_char() instead of emit_log_char_escaped().


Thanks,

-- 
Vasiliy Kulikov
http://www.openwall.com - bringing security into open computing environments

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.