public inbox for linux-kernel@vger.kernel.org
From: Dan Carpenter <dan.carpenter@oracle.com>
To: Jan Beulich <JBeulich@suse.com>
Cc: Kees Cook <keescook@chromium.org>, Joe Perches <joe@perches.com>,
	David Miller <davem@davemloft.net>,
	Eldad Zack <eldad@fogrefinery.com>,
	George Spelvin <linux@horizon.com>,
	Randy Dunlap <rdunlap@infradead.org>,
	Andrew Morton <akpm@linux-foundation.org>,
	Jiri Kosina <jkosina@suse.cz>,
	LKML <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH] vsprintf: drop comment claiming %n is ignored
Date: Thu, 12 Sep 2013 10:57:57 +0300
Message-ID: <20130912075756.GG19256@mwanda>
In-Reply-To: <5231836102000078000F29AD@nat28.tlf.novell.com>

On Thu, Sep 12, 2013 at 08:03:29AM +0100, Jan Beulich wrote:
> >>> On 11.09.13 at 22:18, Kees Cook <keescook@chromium.org> wrote:
> > On Wed, Sep 11, 2013 at 1:06 PM, Joe Perches <joe@perches.com> wrote:
> >> On Wed, 2013-09-11 at 12:30 -0700, Kees Cook wrote:
> >>> The %n format is not ignored, so remove the incorrect comment about it.
> >>
> >> I think it may be better to reimplement the ignoring.
> > 
> > Yeah, just had a quick look, and scanf doesn't use this code at all.
> > I'd much rather remove %n again instead.
> 
> Why would you want to artificially make the function diverge
> from the spec? People shouldn't be caught by surprises if at all
> possible, and one can certainly not expect people to go look at
> the comment before the function implementation to find out
> what basic (standard) features _do not_ work (one can expect
> so when trying to find out about _extensions_).
> 
> Jan

Actually it's the reverse.  I was expecting that %n would be ignored
from the start.  Then I looked at the file and the comment said that
%n was ignored.  It's only Kees who looked at the actual code and saw
that it wasn't being ignored since 2009.

Kees has been fixing format string bugs in the past few months and
there are probably other out-of-tree drivers where this bug is still
exploitable.  It's quite serious.

regards,
dan carpenter
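
An added example, not part of the original message or of the kernel source: the bug class discussed in this thread arises when caller-controlled text reaches the format argument, where a %n directive makes the formatter write to memory. The userspace C sketch below uses libc snprintf() as a stand-in for the kernel formatter; fmt_has_percent_n() and log_name() are hypothetical names, and the sample strings are constructed.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Audit helper (hypothetical): true if fmt contains a %n conversion,
 * allowing for flags, width, precision and length modifiers.
 * "%%" is a literal percent sign, not a directive. */
bool fmt_has_percent_n(const char *fmt)
{
    while ((fmt = strchr(fmt, '%')) != NULL) {
        fmt++;                              /* skip the '%' */
        if (*fmt == '%') {                  /* "%%" literal */
            fmt++;
            continue;
        }
        fmt += strspn(fmt, "-+ #0");        /* flags */
        fmt += strspn(fmt, "0123456789*");  /* field width */
        if (*fmt == '.')                    /* precision */
            fmt += 1 + strspn(fmt + 1, "0123456789*");
        fmt += strspn(fmt, "hlLqjzt");      /* length modifiers */
        if (*fmt == 'n')
            return true;
        if (*fmt != '\0')
            fmt++;                          /* step past the conversion */
    }
    return false;
}

/* Hardened call shape: the format is a compile-time constant and the
 * untrusted text is passed only as data. The vulnerable shape would be
 * snprintf(buf, len, name), which interprets directives inside name. */
int log_name(char *buf, size_t len, const char *name)
{
    return snprintf(buf, len, "device %s registered", name);
}

int main(void)
{
    /* Constructed sample inputs. */
    const char *samples[] = { "eth0", "100%%n", "%s%hhn", "id=%08lx %n" };
    char buf[64];

    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
        log_name(buf, sizeof(buf), samples[i]);
        printf("%-14s has %%n: %d  logged as: %s\n", samples[i],
               fmt_has_percent_n(samples[i]), buf);
    }
    return 0;
}
```

Building with -Wformat -Wformat-security makes GCC and Clang warn about call sites that pass a non-literal string as the format argument.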
