public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed
* [PATCH] scsi: esas2r: fix potential format string flaw
@ 2013-09-11  4:38 Kees Cook
  2013-09-11 15:38 ` Bradley Grove
  0 siblings, 1 reply; 2+ messages in thread
From: Kees Cook @ 2013-09-11  4:38 UTC (permalink / raw)
  To: linux-kernel; +Cc: Bradley Grove, James E.J. Bottomley, linux-scsi

This makes sure format strings cannot leak into the printk call via the
constructed buffer.

Signed-off-by: Kees Cook <keescook@chromium.org>
---
 drivers/scsi/esas2r/esas2r_log.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/scsi/esas2r/esas2r_log.c b/drivers/scsi/esas2r/esas2r_log.c
index 9bf285d..61fc19d 100644
--- a/drivers/scsi/esas2r/esas2r_log.c
+++ b/drivers/scsi/esas2r/esas2r_log.c
@@ -171,7 +171,7 @@ static int esas2r_log_master(const long level,
 		if (strlen(event_buffer) < buflen)
 			strcat(buffer, "\n");
 
-		printk(event_buffer);
+		printk("%s", event_buffer);
 
 		spin_unlock_irqrestore(&event_buffer_lock, flags);
 	}
-- 
1.7.9.5


-- 
Kees Cook
Chrome OS Security

^ permalink raw reply related	[flat|nested] 2+ messages in thread
* Re: [PATCH] scsi: esas2r: fix potential format string flaw
  2013-09-11  4:38 [PATCH] scsi: esas2r: fix potential format string flaw Kees Cook
@ 2013-09-11 15:38 ` Bradley Grove
  0 siblings, 0 replies; 2+ messages in thread
From: Bradley Grove @ 2013-09-11 15:38 UTC (permalink / raw)
  To: Kees Cook, James E.J. Bottomley, linux-scsi; +Cc: linux-kernel, Bradley Grove

On 09/11/2013 12:38 AM, Kees Cook wrote:
> This makes sure format strings cannot leak into the printk call via the
> constructed buffer.
>
> Signed-off-by: Kees Cook <keescook@chromium.org>
> ---

Acked-by: Bradley Grove <bgrove@attotech.com>

Brad



^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2013-09-11 15:53 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2013-09-11  4:38 [PATCH] scsi: esas2r: fix potential format string flaw Kees Cook
2013-09-11 15:38 ` Bradley Grove

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox