From: "Daniel P. Berrangé" <berrange@redhat.com>
To: qemu-devel@nongnu.org
Cc: "Dr. David Alan Gilbert" <dgilbert@redhat.com>,
qemu-ppc@nongnu.org, xen-devel@lists.xenproject.org,
"Laurent Vivier" <lvivier@redhat.com>,
"Markus Armbruster" <armbru@redhat.com>,
"Daniel Henrique Barboza" <danielhb413@gmail.com>,
virtio-fs@redhat.com, "Michael Roth" <michael.roth@amd.com>,
"Alex Bennée" <alex.bennee@linaro.org>,
qemu-block@nongnu.org, "Peter Maydell" <peter.maydell@linaro.org>,
qemu-arm@nongnu.org, "Paul Durrant" <paul@xen.org>,
"Anthony Perard" <anthony.perard@citrix.com>,
"David Gibson" <david@gibson.dropbear.id.au>,
"Cédric Le Goater" <clg@kaod.org>, "John Snow" <jsnow@redhat.com>,
"Stefan Hajnoczi" <stefanha@redhat.com>,
"Paolo Bonzini" <pbonzini@redhat.com>,
"Stefano Stabellini" <sstabellini@kernel.org>,
"Gerd Hoffmann" <kraxel@redhat.com>, "Greg Kurz" <groug@kaod.org>,
"Thomas Huth" <thuth@redhat.com>,
"Daniel P. Berrangé" <berrange@redhat.com>
Subject: [PATCH 0/6] enforce use of G_GNUC_PRINTF annotations
Date: Mon, 19 Dec 2022 08:01:59 -0500 [thread overview]
Message-ID: <20221219130205.687815-1-berrange@redhat.com> (raw)
We've been very gradually adding G_GNUC_PRINTF annotations
to functions over years. This has been useful in detecting
certain malformed printf strings, or cases where we pass
user data as the printf format which is a potential security
flaw.
Given the inherant memory corruption danger in use of format
strings vs mis-matched variadic arguments, it is worth applying
G_GNUC_PRINTF to all functions using printf, even if we know
they are safe.
The compilers can reasonably reliably identify such places
with the -Wsuggest-attribute=format / -Wmissing-format-attribute
flags.
This series adds G_GNUC_PRINTF / G_GNUC_SCANF to allow the code
locations that the compilers highlight. Then it adds the above
warning flags to the build flags, to catch any future additions
of functions that take printf/scanf format strings.
Daniel P. Berrangé (6):
disas: add G_GNUC_PRINTF to gstring_printf
hw/xen: use G_GNUC_PRINTF/SCANF for various functions
tools/virtiofsd: add G_GNUC_PRINTF for logging functions
util/error: add G_GNUC_PRINTF for various functions
tests: add G_GNUC_PRINTF for various functions
enforce use of G_GNUC_PRINTF attributes
configure | 2 ++
disas.c | 1 +
hw/xen/xen-bus.c | 1 +
hw/xen/xen_pvdev.c | 1 +
include/hw/xen/xen-bus-helper.h | 6 ++++--
include/hw/xen/xen-bus.h | 3 ++-
tests/qtest/ahci-test.c | 3 +++
tests/qtest/arm-cpu-features.c | 1 +
tests/qtest/erst-test.c | 2 +-
tests/qtest/ide-test.c | 3 ++-
tests/qtest/ivshmem-test.c | 4 ++--
tests/qtest/libqmp.c | 2 +-
tests/qtest/libqos/libqos-pc.h | 6 ++++--
tests/qtest/libqos/libqos-spapr.h | 6 ++++--
tests/qtest/libqos/libqos.h | 6 ++++--
tests/qtest/libqos/virtio-9p.c | 1 +
tests/qtest/migration-helpers.h | 1 +
tests/qtest/rtas-test.c | 2 +-
tests/qtest/usb-hcd-uhci-test.c | 4 ++--
tests/unit/test-qmp-cmds.c | 13 +++++++++----
tools/virtiofsd/fuse_log.c | 1 +
tools/virtiofsd/fuse_log.h | 6 ++++--
tools/virtiofsd/passthrough_ll.c | 1 +
util/error-report.c | 1 +
util/error.c | 1 +
25 files changed, 55 insertions(+), 23 deletions(-)
--
2.38.1
next reply other threads:[~2022-12-19 13:04 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-12-19 13:01 Daniel P. Berrangé [this message]
2022-12-19 13:02 ` [PATCH 1/6] disas: add G_GNUC_PRINTF to gstring_printf Daniel P. Berrangé
2022-12-19 20:43 ` Stefan Weil via
2022-12-19 13:02 ` [PATCH 2/6] hw/xen: use G_GNUC_PRINTF/SCANF for various functions Daniel P. Berrangé
2022-12-19 14:10 ` Anthony PERARD via
2022-12-19 13:02 ` [PATCH 3/6] tools/virtiofsd: add G_GNUC_PRINTF for logging functions Daniel P. Berrangé
2023-01-04 19:46 ` Dr. David Alan Gilbert
2022-12-19 13:02 ` [PATCH 4/6] util/error: add G_GNUC_PRINTF for various functions Daniel P. Berrangé
2022-12-19 14:13 ` Philippe Mathieu-Daudé
2022-12-29 9:29 ` Thomas Huth
2022-12-19 13:02 ` [PATCH 5/6] tests: " Daniel P. Berrangé
2022-12-29 9:34 ` Thomas Huth
2023-01-09 11:55 ` Daniel P. Berrangé
2022-12-19 13:02 ` [PATCH 6/6] enforce use of G_GNUC_PRINTF attributes Daniel P. Berrangé
2022-12-22 8:31 ` [PATCH 0/6] enforce use of G_GNUC_PRINTF annotations Paolo Bonzini
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20221219130205.687815-1-berrange@redhat.com \
--to=berrange@redhat.com \
--cc=alex.bennee@linaro.org \
--cc=anthony.perard@citrix.com \
--cc=armbru@redhat.com \
--cc=clg@kaod.org \
--cc=danielhb413@gmail.com \
--cc=david@gibson.dropbear.id.au \
--cc=dgilbert@redhat.com \
--cc=groug@kaod.org \
--cc=jsnow@redhat.com \
--cc=kraxel@redhat.com \
--cc=lvivier@redhat.com \
--cc=michael.roth@amd.com \
--cc=paul@xen.org \
--cc=pbonzini@redhat.com \
--cc=peter.maydell@linaro.org \
--cc=qemu-arm@nongnu.org \
--cc=qemu-block@nongnu.org \
--cc=qemu-devel@nongnu.org \
--cc=qemu-ppc@nongnu.org \
--cc=sstabellini@kernel.org \
--cc=stefanha@redhat.com \
--cc=thuth@redhat.com \
--cc=virtio-fs@redhat.com \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).