[LTP] [PATCH] setregid01: Fix security warning for string formatting

public inbox for ltp@lists.linux.it
 help / color / mirror / Atom feed

* [LTP] [PATCH] setregid01: Fix security warning for string formatting
@ 2019-02-25 17:12 Daniel =?unknown-8bit?q?D=C3=ADaz?=
  2019-02-25 17:33 ` Enji Cooper
  2019-02-25 21:34 ` Petr Vorel
  0 siblings, 2 replies; 4+ messages in thread
From: Daniel =?unknown-8bit?q?D=C3=ADaz?= @ 2019-02-25 17:12 UTC (permalink / raw)
  To: ltp

GCC 8.2.0 complains with the following:
  setregid01.c: In function 'run':
  setregid01.c:47:3: error: format not a string literal and no format arguments [-Werror=format-security]
     tst_res(TFAIL | TTERRNO, tc->msg);
     ^~~~~~~
because there is no string formatting in the message. This can
be seen with CFLAGS set to:
  -Wformat -Wformat-security -Werror=format-security
as Yocto Project's Poky does, e.g.:
  http://errors.yoctoproject.org/Errors/Details/230043/

Signed-off-by: Daniel DÃaz <daniel.diaz@linaro.org>
---
 testcases/kernel/syscalls/setregid/setregid01.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/testcases/kernel/syscalls/setregid/setregid01.c b/testcases/kernel/syscalls/setregid/setregid01.c
index f2e41e134..8c9e11918 100644
--- a/testcases/kernel/syscalls/setregid/setregid01.c
+++ b/testcases/kernel/syscalls/setregid/setregid01.c
@@ -44,9 +44,9 @@ static void run(unsigned int n)
 	TEST(SETREGID(*tc->arg1, *tc->arg2));
 
 	if (TST_RET == -1)
-		tst_res(TFAIL | TTERRNO, tc->msg);
+		tst_res(TFAIL | TTERRNO, "%s", tc->msg);
 	else
-		tst_res(TPASS, tc->msg);
+		tst_res(TPASS, "%s", tc->msg);
 }
 
 static void setup(void)
-- 
2.17.1


^ permalink raw reply related	[flat|nested] 4+ messages in thread

* [LTP] [PATCH] setregid01: Fix security warning for string formatting
  2019-02-25 17:12 [LTP] [PATCH] setregid01: Fix security warning for string formatting Daniel =?unknown-8bit?q?D=C3=ADaz?=
@ 2019-02-25 17:33 ` Enji Cooper
  2019-02-25 21:34 ` Petr Vorel
  1 sibling, 0 replies; 4+ messages in thread
From: Enji Cooper @ 2019-02-25 17:33 UTC (permalink / raw)
  To: ltp


> On Feb 25, 2019, at 09:12, Daniel Díaz <daniel.diaz@linaro.org> wrote:
> 
> GCC 8.2.0 complains with the following:
>  setregid01.c: In function 'run':
>  setregid01.c:47:3: error: format not a string literal and no format arguments [-Werror=format-security]
>     tst_res(TFAIL | TTERRNO, tc->msg);
>     ^~~~~~~
> because there is no string formatting in the message. This can
> be seen with CFLAGS set to:
>  -Wformat -Wformat-security -Werror=format-security
> as Yocto Project's Poky does, e.g.:
>  http://errors.yoctoproject.org/Errors/Details/230043/
> 
> Signed-off-by: Daniel Díaz <daniel.diaz@linaro.org>
> ---
> testcases/kernel/syscalls/setregid/setregid01.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/testcases/kernel/syscalls/setregid/setregid01.c b/testcases/kernel/syscalls/setregid/setregid01.c
> index f2e41e134..8c9e11918 100644
> --- a/testcases/kernel/syscalls/setregid/setregid01.c
> +++ b/testcases/kernel/syscalls/setregid/setregid01.c
> @@ -44,9 +44,9 @@ static void run(unsigned int n)
>    TEST(SETREGID(*tc->arg1, *tc->arg2));
> 
>    if (TST_RET == -1)
> -        tst_res(TFAIL | TTERRNO, tc->msg);
> +        tst_res(TFAIL | TTERRNO, "%s", tc->msg);
>    else
> -        tst_res(TPASS, tc->msg);
> +        tst_res(TPASS, "%s", tc->msg);
> }
> 
> static void setup(void)
> -- 
> 2.17.1

LGTM!

^ permalink raw reply	[flat|nested] 4+ messages in thread

* [LTP] [PATCH] setregid01: Fix security warning for string formatting
  2019-02-25 17:12 [LTP] [PATCH] setregid01: Fix security warning for string formatting Daniel =?unknown-8bit?q?D=C3=ADaz?=
  2019-02-25 17:33 ` Enji Cooper
@ 2019-02-25 21:34 ` Petr Vorel
  2019-02-26 11:06   ` Cyril Hrubis
  1 sibling, 1 reply; 4+ messages in thread
From: Petr Vorel @ 2019-02-25 21:34 UTC (permalink / raw)
  To: ltp

Hi Daniel,

thanks for your patch, merged.

Maybe we should have -Wformat -Wformat-security -Werror=format-security as the
default.

Kind regards,
Petr

^ permalink raw reply	[flat|nested] 4+ messages in thread

* [LTP] [PATCH] setregid01: Fix security warning for string formatting
  2019-02-25 21:34 ` Petr Vorel
@ 2019-02-26 11:06   ` Cyril Hrubis
  0 siblings, 0 replies; 4+ messages in thread
From: Cyril Hrubis @ 2019-02-26 11:06 UTC (permalink / raw)
  To: ltp

Hi!
> Maybe we should have -Wformat -Wformat-security -Werror=format-security as the
> default.

I'm all for it but we have to check if a compiler on oldest supported
distro works fine with these flags, othewise we would have to add a
configure check...

-- 
Cyril Hrubis
chrubis@suse.cz

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2019-02-26 11:06 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2019-02-25 17:12 [LTP] [PATCH] setregid01: Fix security warning for string formatting Daniel =?unknown-8bit?q?D=C3=ADaz?=
2019-02-25 17:33 ` Enji Cooper
2019-02-25 21:34 ` Petr Vorel
2019-02-26 11:06   ` Cyril Hrubis

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox