From: Kees Cook <keescook@chromium.org>
To: James Troup <james.troup@canonical.com>
Cc: Jonathan Corbet <corbet@lwn.net>,
"Gustavo A. R. Silva" <gustavo@embeddedor.com>,
linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH] docs: deprecated.rst: Add %p to the list
Date: Wed, 4 Mar 2020 22:47:18 -0800 [thread overview]
Message-ID: <202003042240.3F6201CC3@keescook> (raw)
In-Reply-To: <87mu8vtj6g.fsf@canonical.com>
Ah! A wild Troup appears! :)
On Thu, Mar 05, 2020 at 07:22:31AM +0100, James Troup wrote:
> Kees Cook <keescook@chromium.org> writes:
>
> > diff --git a/Documentation/process/deprecated.rst b/Documentation/process/deprecated.rst
> > index f9f196d3a69b..a4db119f4e09 100644
> > --- a/Documentation/process/deprecated.rst
> > +++ b/Documentation/process/deprecated.rst
> > @@ -109,6 +109,23 @@ the given limit of bytes to copy. This is inefficient and can lead to
> > linear read overflows if a source string is not NUL-terminated. The
> > safe replacement is :c:func:`strscpy`.
> >
> > +%p format specifier
> > +-------------------
> > +Using %p in format strings leads to a huge number of address exposures.
>
> Perhaps this sentence should be in the past tense, since %p currently
> prints a hashed value?
Yeah, good point; that should be more clear.
>
> > +Instead of leaving these to be exploitable, "%p" should not be used in
> > +the kernel.
>
> On its face, this seems to contradict the guidance below?
>
> > If used currently, it is a hashed value, rendering it
>
> Perhaps: s/it is/it prints/ ?
I'll rewrite this whole area...
>
> > +unusable for addressing. Paraphrasing Linus's current `guideance
> > <https://lore.kernel.org/lkml/CA+55aFwQEd_d40g4mUCSsVRZzrFPUJt74vc6PPpb675hYNXcKw@mail.gmail.com/>`_:
>
> Typo: guidance
Thanks for the review! I wonder why ":set spell" missed that...
-Kees
--
Kees Cook
prev parent reply other threads:[~2020-03-05 6:47 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-03-04 19:13 [PATCH] docs: deprecated.rst: Add %p to the list Kees Cook
2020-03-05 6:22 ` James Troup
2020-03-05 6:47 ` Kees Cook [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202003042240.3F6201CC3@keescook \
--to=keescook@chromium.org \
--cc=corbet@lwn.net \
--cc=gustavo@embeddedor.com \
--cc=james.troup@canonical.com \
--cc=linux-doc@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.