Message-ID: <CAGXu5jKtSb1h4rbKg2zVxLfJP7VPSvXApi7KWb81nq_Uj151BQ@mail.gmail.com>
Date: Mon, 7 Aug 2017 15:18:00 -0700
From: Kees Cook <keescook@...omium.org>
To: Vaishali Thakkar <vaishali.thakkar@...cle.com>
Cc: Rasmus Villemoes <linux@...musvillemoes.dk>,
    Laura Abbott <labbott@...hat.com>,
    "kernel-hardening@...ts.openwall.com" <kernel-hardening@...ts.openwall.com>
Subject: Re: Re: Format string gcc-plugin?

On Mon, Aug 7, 2017 at 3:06 PM, Vaishali Thakkar
<vaishali.thakkar@...cle.com> wrote:
> I was recently looking at gcc's -Wformat-security and realized that there is
> a TODO point on KSPP's wiki page regarding fixing it for const
> strings.
>
> I was wondering that maybe we can also try Coccinelle for the type checking
> of %pX extensions? Is there any work done or is someone working on this
> after this discussion?
>
> I'm not sure what is a preferable way over here [GCC plugin or Coccinelle
> scripts] but if no one is working on this then I would like to give it a try.
> Any comments on the same are welcome.

I would prefer a gcc plugin just because that could be enabled for the
regular build (whereas a Coccinelle check is a separate build type).
Also I think a gcc plugin would allow for better control of the
checks, since it will actually be in the middle of constructing the
actual instructions and variables, etc. Coccinelle has to guess
sometimes.

-Kees

-- 
Kees Cook
Pixel Security