Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20170228160607.183a88bd491e97fa6a7ded9c@linux-foundation.org>
Date: Tue, 28 Feb 2017 16:06:07 -0800
From: Andrew Morton <akpm@...ux-foundation.org>
To: Joe Perches <joe@...ches.com>
Cc: Andy Whitcroft <apw@...onical.com>, "Roberts, William C"
 <william.c.roberts@...el.com>, kernel-hardening@...ts.openwall.com,
 linux-kernel@...r.kernel.org
Subject: Re: [PATCH] checkpatch: Add ability to find bad uses of vsprintf
 %p<foo> extensions

On Mon, 27 Feb 2017 12:54:55 -0800 Joe Perches <joe@...ches.com> wrote:

> %pK was at least once misused at %pk in an out-of-tree module.
> This lead to some security concerns.  Add the ability to track
> single and multiple line statements for misuses of %p<foo>.

Should we also do this?

--- a/lib/vsprintf.c~checkpatch-add-ability-to-find-bad-uses-of-vsprintf-%pfoo-extensions-fix
+++ a/lib/vsprintf.c
@@ -1477,6 +1477,9 @@ int kptr_restrict __read_mostly;
  * by an extra set of alphanumeric characters that are extended format
  * specifiers.
  *
+ * Please update scripts/checkpatch.pl when adding new conversion characters.
+ * (search for "check for vsprintf extension").
+ *
  * Right now we handle:
  *
  * - 'F' For symbolic function descriptor pointers with offset
_

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.