[RFC PATCH] vsnprintf: Remove use of %n and convert existing uses

Joe Perches joe at perches.com
Wed Sep 11 23:43:03 UTC 2013


On Wed, 2013-09-11 at 16:29 -0700, Kees Cook wrote:
> On Wed, Sep 11, 2013 at 4:22 PM, Joe Perches <joe at perches.com> wrote:
> > Using vsnprintf or its derivatives with %n can have security
> > vulnerability implications.
> >
> > Prior to commit fef20d9c1380
> > ("vsprintf: unify the format decoding layer for its 3 users"),
> > any use of %n was ignored.
> >
> > Reintroduce this feature and convert the existing uses of %n
> > to use the return length from vsnprintf or its derivatives.
> >
> > Signed-off-by: Joe Perches <joe at perches.com>
> > Acked-by: KOSAKI Motohiro <kosaki.motohiro at jp.fujitsu.com> (proc bits)
> > cc: Kees Cook <keescook at chromium.org>
> > cc: Frederic Weisbecker <fweisbec at gmail.com>
> 
> Yes, please. It might also be worth updating
> Documentation/printk-formats.txt to mention that %n has intentionally
> been removed and will be ignored.

Fine with me if you want to update that file.

It doesn't currently try to be a complete man page
for vsnprintf though.

vsprintf.c does have kernel-doc documentation and
that already does show that %n is ignored.
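
The conversion described in the quoted commit message, as an added user-space example that is not part of this thread or of the patch: the length that a trailing `%n` would have stored is taken from the return value of `snprintf` instead. The helper name `format_padded`, its parameters and the sample values are hypothetical.

```c
#include <stdio.h>

/*
 * User-space sketch (hypothetical helper, not kernel code).
 * Old pattern:  snprintf(buf, size, "%s:%d%n", name, port, &len);
 * New pattern:  len = snprintf(buf, size, "%s:%d", name, port);
 *
 * Formats "name:port" and pads with spaces to `width` columns.
 * Returns the number of bytes stored in buf (excluding the NUL),
 * or -1 on error.
 */
int format_padded(char *buf, size_t size, const char *name, int port,
                  size_t width)
{
    int len;
    size_t used;

    if (size == 0)
        return -1;

    /* No %n: the length comes from the return value. */
    len = snprintf(buf, size, "%s:%d", name, port);
    if (len < 0)
        return -1;

    /* snprintf returns the untruncated length; clamp to what was stored. */
    used = (size_t)len < size ? (size_t)len : size - 1;

    /* Pad to the column width without running past the buffer. */
    while (used < width && used < size - 1)
        buf[used++] = ' ';
    buf[used] = '\0';

    return (int)used;
}

int main(void)
{
    char line[32];                      /* constructed sample input */
    int n = format_padded(line, sizeof(line), "eth0", 80, 12);

    printf("[%s] %d\n", line, n);
    return 0;
}
```

In kernel code, `scnprintf` returns the number of bytes actually stored, so the clamp step is not needed there.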



