From: Pablo Neira Ayuso <pablo@netfilter.org>
To: Kees Cook <keescook@google.com>
Cc: Fengguang Wu <fengguang.wu@intel.com>,
LKML <linux-kernel@vger.kernel.org>
Subject: Re: net/netfilter/xt_LOG.c:43: error: format not a string literal and no format arguments
Date: Mon, 30 Jun 2014 19:39:44 +0200 [thread overview]
Message-ID: <20140630173944.GA1377@localhost> (raw)
In-Reply-To: <CAGXu5j++FFJ2=2Q07kcY9_Fk2dnvA+BR8kKRCe27cgusbbpjrw@mail.gmail.com>
On Mon, Jun 30, 2014 at 10:05:01AM -0700, Kees Cook wrote:
> On Sat, Jun 28, 2014 at 7:07 AM, Fengguang Wu <fengguang.wu@intel.com> wrote:
> > tree: git://internal_merge_and_test_tree devel-ant-um-201406281943
> > head: fbb9065499371b760e0543f2ff66fde4778b46ae
> > commit: 2af37708d3ce0ae78898051ea76bc7c5f683171c [30/31] Merge 'nftables/master' into devel-ant-um-201406281943
> > config: make ARCH=avr32 atngw100_defconfig
> >
> > All error/warnings:
> >
> > net/netfilter/xt_LOG.c: In function 'log_tg':
> >>> net/netfilter/xt_LOG.c:43: error: format not a string literal and no format arguments
> >
> > vim +43 net/netfilter/xt_LOG.c
> >
> > 6939c33a Richard Weinberger 2012-02-10 27 #include <linux/netfilter/xt_LOG.h>
> > 6939c33a Richard Weinberger 2012-02-10 28 #include <linux/netfilter_ipv6/ip6_tables.h>
> > 6939c33a Richard Weinberger 2012-02-10 29 #include <net/netfilter/nf_log.h>
> > 6939c33a Richard Weinberger 2012-02-10 30
> > 6939c33a Richard Weinberger 2012-02-10 31 static unsigned int
> > 6939c33a Richard Weinberger 2012-02-10 32 log_tg(struct sk_buff *skb, const struct xt_action_param *par)
> > 6939c33a Richard Weinberger 2012-02-10 33 {
> > 6939c33a Richard Weinberger 2012-02-10 34 const struct xt_log_info *loginfo = par->targinfo;
> > 6939c33a Richard Weinberger 2012-02-10 35 struct nf_loginfo li;
> > 8cdb46da Hans Schillstrom 2013-05-15 36 struct net *net = dev_net(par->in ? par->in : par->out);
> > 6939c33a Richard Weinberger 2012-02-10 37
> > 6939c33a Richard Weinberger 2012-02-10 38 li.type = NF_LOG_TYPE_LOG;
> > 6939c33a Richard Weinberger 2012-02-10 39 li.u.log.level = loginfo->level;
> > 6939c33a Richard Weinberger 2012-02-10 40 li.u.log.logflags = loginfo->logflags;
> > 6939c33a Richard Weinberger 2012-02-10 41
> > fab4085f Pablo Neira Ayuso 2014-06-18 42 nf_log_packet(net, par->family, par->hooknum, skb, par->in, par->out,
> > fab4085f Pablo Neira Ayuso 2014-06-18 @43 &li, loginfo->prefix);
>
> This needs to be:
>
> nf_log_packet(net, par->family, par->hooknum, skb, par->in, par->out,
> &li, "%s", loginfo->prefix);
>
> Without this, any format strings contained by "prefix" can get
> processed and leak kernel contents.
http://git.kernel.org/cgit/linux/kernel/git/pablo/nf-next.git/commit/?id=ca1aa54f272d47bec77baa292f803df7a81f966b
next prev parent reply other threads:[~2014-06-30 17:39 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <53aeb8bc.DsBnC5jOuuC6IST2%fengguang.wu@intel.com>
[not found] ` <20140628140726.GD5691@localhost>
2014-06-30 17:05 ` net/netfilter/xt_LOG.c:43: error: format not a string literal and no format arguments Kees Cook
2014-06-30 17:39 ` Pablo Neira Ayuso [this message]
2014-06-30 18:06 ` Kees Cook
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140630173944.GA1377@localhost \
--to=pablo@netfilter.org \
--cc=fengguang.wu@intel.com \
--cc=keescook@google.com \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.