* [PATCH/RFC] don't support %n in printk
@ 2004-03-20 23:14 Muli Ben-Yehuda
2004-04-02 8:38 ` Pavel Machek
0 siblings, 1 reply; 2+ messages in thread
From: Muli Ben-Yehuda @ 2004-03-20 23:14 UTC (permalink / raw)
To: Linux-Kernel; +Cc: Muli Ben-Yehuda
The printf man page has this to say about '%n':
"The number of characters written so far is stored into the integer
indicated by the int * (or variant) pointer argument. No argument
is converted."
Very little code actually uses %n for that. Now days, %n has a much
more common use - in printf format string exploits. Since no kernel
code appears to be using %n (thus said grep), this patch removes
support for it. To preempt the obvious argument, I agree that printk
should look and behave as much as possible as printf - except where
it's harmful. We don't support floating point, for example, and I
doubt we should support %n - although I don't strongly care one way or
another.
diff -Naurp -X /home/muli/w/dontdiff linux-2.5/lib/vsprintf.c no-n-percent/lib/vsprintf.c
--- linux-2.5/lib/vsprintf.c 2004-02-19 06:49:34.000000000 +0200
+++ no-n-percent/lib/vsprintf.c 2004-03-20 22:38:54.000000000 +0200
@@ -14,6 +14,9 @@
* - changed to provide snprintf and vsnprintf functions
* So Feb 1 16:51:32 CET 2004 Juergen Quade <quade@hsnr.de>
* - scnprintf and vscnprintf
+ * Sat Mar 20 22:38:09 2004 Muli Ben-Yehuda <mulix@mulix.org>
+ * - remove '%n' support from vsnprintf, as nothing is using it, and it
+ * has very few legitimate uses (and many many illegitimate ones)
*/
#include <stdarg.h>
@@ -401,22 +404,6 @@ int vsnprintf(char *buf, size_t size, co
16, field_width, precision, flags);
continue;
-
- case 'n':
- /* FIXME:
- * What does C99 say about the overflow case here? */
- if (qualifier == 'l') {
- long * ip = va_arg(args, long *);
- *ip = (str - buf);
- } else if (qualifier == 'Z' || qualifier == 'z') {
- size_t * ip = va_arg(args, size_t *);
- *ip = (str - buf);
- } else {
- int * ip = va_arg(args, int *);
- *ip = (str - buf);
- }
- continue;
-
case '%':
if (str <= end)
*str = '%';
Cheers,
Muli
--
Muli Ben-Yehuda
http://www.mulix.org | http://mulix.livejournal.com/
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [PATCH/RFC] don't support %n in printk
2004-03-20 23:14 [PATCH/RFC] don't support %n in printk Muli Ben-Yehuda
@ 2004-04-02 8:38 ` Pavel Machek
0 siblings, 0 replies; 2+ messages in thread
From: Pavel Machek @ 2004-04-02 8:38 UTC (permalink / raw)
To: Muli Ben-Yehuda; +Cc: Linux-Kernel
Hi!
> The printf man page has this to say about '%n':
>
> "The number of characters written so far is stored into the integer
> indicated by the int * (or variant) pointer argument. No argument
> is converted."
>
> Very little code actually uses %n for that. Now days, %n has a much
> more common use - in printf format string exploits. Since no kernel
> code appears to be using %n (thus said grep), this patch removes
> support for it. To preempt the obvious argument, I agree that printk
> should look and behave as much as possible as printf - except where
> it's harmful. We don't support floating point, for example, and I
> doubt we should support %n - although I don't strongly care one way or
> another.
You probably should search the kernel for any uses of %n and fix
them...
Pavel
--
When do you have a heart between your knees?
[Johanka's followup: and *two* hearts?]
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2004-04-02 8:38 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2004-03-20 23:14 [PATCH/RFC] don't support %n in printk Muli Ben-Yehuda
2004-04-02 8:38 ` Pavel Machek
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox