From: Djalal Harouni <tixxdz@opendz.org>
To: Kees Cook <keescook@chromium.org>
Cc: linux-kernel@vger.kernel.org,
Andrew Morton <akpm@linux-foundation.org>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
Jens Axboe <axboe@kernel.dk>,
"David S. Miller" <davem@davemloft.net>,
Herbert Xu <herbert@gondor.hengli.com.au>,
David Woodhouse <dwmw2@infradead.org>,
Karsten Keil <isdn@linux-pingi.de>
Subject: Re: [PATCH 5/6] kthread: avoid parsing names as format strings
Date: Thu, 13 Jun 2013 00:31:58 +0100 [thread overview]
Message-ID: <20130612233158.GA19948@dztty> (raw)
In-Reply-To: <1370649055-12830-6-git-send-email-keescook@chromium.org>
Hi Kees,
On Fri, Jun 07, 2013 at 04:50:54PM -0700, Kees Cook wrote:
> Calling kthread_run with a single name parameter causes it to be handled
> as a format string. Many callers are passing potentially dynamic string
> content, so use "%s" in those cases to avoid any potential accidents.
>
> Signed-off-by: Kees Cook <keescook@chromium.org>
> ---
> drivers/block/aoe/aoecmd.c | 2 +-
> drivers/block/mtip32xx/mtip32xx.c | 3 ++-
[...]
> diff --git a/drivers/block/mtip32xx/mtip32xx.c b/drivers/block/mtip32xx/mtip32xx.c
> index 847107e..81ce4c0 100644
> --- a/drivers/block/mtip32xx/mtip32xx.c
> +++ b/drivers/block/mtip32xx/mtip32xx.c
> @@ -4085,7 +4085,8 @@ skip_create_disk:
> start_service_thread:
> sprintf(thd_name, "mtip_svc_thd_%02d", index);
We can also save some bytes here, remove the sprintf() and thd_name[]
> dd->mtip_svc_handler = kthread_create_on_node(mtip_service_thread,
> - dd, dd->numa_node, thd_name);
> + dd, dd->numa_node, "%s",
> + thd_name);
>
> if (IS_ERR(dd->mtip_svc_handler)) {
> dev_err(&dd->pdev->dev, "service thread failed to start\n");
Thanks!
--
Djalal Harouni
http://opendz.org
next prev parent reply other threads:[~2013-06-12 23:37 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-06-07 23:50 [PATCH v2 0/6] format string usage clean ups Kees Cook
2013-06-07 23:50 ` [PATCH 1/6] block: do not pass disk names as format strings Kees Cook
2013-06-07 23:50 ` [PATCH 2/6] crypto: sanitize argument for format string Kees Cook
2013-06-07 23:50 ` [PATCH 3/6] device: avoid format string in dev_set_name Kees Cook
2013-06-07 23:50 ` [PATCH 4/6] workqueue: avoid format strings in names Kees Cook
2013-06-07 23:50 ` [PATCH 5/6] kthread: avoid parsing names as format strings Kees Cook
2013-06-12 23:31 ` Djalal Harouni [this message]
2013-06-07 23:50 ` [PATCH 6/6] isdn: clean up debug format string usage Kees Cook
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20130612233158.GA19948@dztty \
--to=tixxdz@opendz.org \
--cc=akpm@linux-foundation.org \
--cc=axboe@kernel.dk \
--cc=davem@davemloft.net \
--cc=dwmw2@infradead.org \
--cc=gregkh@linuxfoundation.org \
--cc=herbert@gondor.hengli.com.au \
--cc=isdn@linux-pingi.de \
--cc=keescook@chromium.org \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.