Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20110701154947.133c30f5@lxorguk.ukuu.org.uk>
Date: Fri, 1 Jul 2011 15:49:47 +0100
From: Alan Cox <alan@...rguk.ukuu.org.uk>
To: Vasiliy Kulikov <segoon@...nwall.com>
Cc: Linus Torvalds <torvalds@...ux-foundation.org>,
        Ingo Molnar
 <mingo@...e.hu>,
        Andrew Morton <akpm@...ux-foundation.org>,
        James Morris
 <jmorris@...ei.org>, Namhyung Kim <namhyung@...il.com>,
        Greg Kroah-Hartman
 <gregkh@...e.de>,
        kernel-hardening@...ts.openwall.com, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2] kernel: escape non-ASCII and control characters in
 printk()

>  of the multiline feature.  Intoducing new "%S" format for single lines
>  makes little sense as there are tons of printk() calls that should be
>  already restricted to one line.

You don't need a new format string surely. Your expectation for printk is 

"multiple new lines are cool providing they are in the format string"

So that bit isn't hard to deal with, 

You make vprintk take an extra arg (trusted/untrusted args)
You make printk pass 'untrusted'
You make %s quote the arguments for control codes if untrusted is set but
you don't mangle format string controls.

End of problem ?

At which point your attacker has more work to do but given a long string
yawns and stars using the right number of spaces for the likely 80 col
screen :)

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.