Re: [kees:format-security 2/3] arch/sh/kernel/dumpstack.c:118:2: error: format not a string literal and no format arguments

From: Kees Cook
Date: Mon Mar 10 2014 - 13:42:12 EST


On Sun, Mar 9, 2014 at 9:09 PM, kbuild test robot
<fengguang.wu@xxxxxxxxx> wrote:
> tree: git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git format-security
> head: 78ac7178787f348d93ac16cda556265af4b8ce17
> commit: 3aac21c82091399e96c528c8ac4f337757d6e81b [2/3] Make all format string problems fail the build
> config: make ARCH=sh allnoconfig
>
> All error/warnings:
>
> arch/sh/kernel/dumpstack.c: In function 'print_trace_address':
>>> arch/sh/kernel/dumpstack.c:118:2: error: format not a string literal and no format arguments [-Werror=format-security]
> cc1: all warnings being treated as errors
>
> vim +118 arch/sh/kernel/dumpstack.c
>
> 4e14dfc7 Matt Fleming 2009-08-07 102 context, &graph);
> 4e14dfc7 Matt Fleming 2009-08-07 103 }
> 4e14dfc7 Matt Fleming 2009-08-07 104 }
> 4e14dfc7 Matt Fleming 2009-08-07 105 }
> 4e14dfc7 Matt Fleming 2009-08-07 106
> 4e14dfc7 Matt Fleming 2009-08-07 107 static int print_trace_stack(void *data, char *name)
> 4e14dfc7 Matt Fleming 2009-08-07 108 {
> 4e14dfc7 Matt Fleming 2009-08-07 109 printk("%s <%s> ", (char *)data, name);
> 4e14dfc7 Matt Fleming 2009-08-07 110 return 0;
> 4e14dfc7 Matt Fleming 2009-08-07 111 }
> 4e14dfc7 Matt Fleming 2009-08-07 112
> 4e14dfc7 Matt Fleming 2009-08-07 113 /*
> 4e14dfc7 Matt Fleming 2009-08-07 114 * Print one address/symbol entries per line.
> 4e14dfc7 Matt Fleming 2009-08-07 115 */
> 4e14dfc7 Matt Fleming 2009-08-07 116 static void print_trace_address(void *data, unsigned long addr, int reliable)
> 4e14dfc7 Matt Fleming 2009-08-07 117 {
> 4e14dfc7 Matt Fleming 2009-08-07 @118 printk(data);

This needs to be "printk("%s", data);" so there is no chance of having
"data" interpreted as a format string itself.

Thanks!

-Kees

> 4e14dfc7 Matt Fleming 2009-08-07 119 printk_address(addr, reliable);
> 4e14dfc7 Matt Fleming 2009-08-07 120 }
> 4e14dfc7 Matt Fleming 2009-08-07 121
> 4e14dfc7 Matt Fleming 2009-08-07 122 static const struct stacktrace_ops print_trace_ops = {
> 4e14dfc7 Matt Fleming 2009-08-07 123 .stack = print_trace_stack,
> 4e14dfc7 Matt Fleming 2009-08-07 124 .address = print_trace_address,
> 4e14dfc7 Matt Fleming 2009-08-07 125 };
> 4e14dfc7 Matt Fleming 2009-08-07 126
>
> :::::: The code at line 118 was first introduced by commit
> :::::: 4e14dfc722b8e9e07a355f97aa60a3d9f0739071 sh: Use the generalized stacktrace ops
>
> :::::: TO: Matt Fleming <matt@xxxxxxxxxxxxxxxxx>
> :::::: CC: Paul Mundt <lethal@xxxxxxxxxxxx>
>
> ---
> 0-DAY kernel build testing backend Open Source Technology Center
> http://lists.01.org/mailman/listinfo/kbuild Intel Corporation



--
Kees Cook
Chrome OS Security
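The difference between the flagged call and the suggested fix, as an added example that is not part of the original message or the kernel source. It uses a hypothetical user-space stand-in for printk() (`log_fmt`, built on vsnprintf); `log_flagged`, `log_fixed`, `directives_in`, the `CHECK_FORMAT` macro and the sample string are all assumptions made for illustration.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>
/* -DCHECK_FORMAT -Wformat -Werror=format-security makes gcc reject log_flagged(). */
#ifdef CHECK_FORMAT
#define PRINTF_LIKE __attribute__((format(printf, 3, 4)))
#else
#define PRINTF_LIKE
#endif
/* Hypothetical user-space stand-in for printk(): formats into a buffer. */
PRINTF_LIKE static int log_fmt(char *out, size_t n, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int len = vsnprintf(out, n, fmt, ap);
    va_end(ap);
    return len;
}

/* Flagged pattern: data is parsed as the format string. */
static int log_flagged(char *out, size_t n, const char *data)
{
    return log_fmt(out, n, data);
}

/* Pattern from the reply: data is only the argument of "%s". */
static int log_fixed(char *out, size_t n, const char *data)
{
    return log_fmt(out, n, "%s", data);
}

/* Count '%' introducers that format parsing would act on ("%%" is one). */
static int directives_in(const char *s)
{
    int count = 0;
    for (; *s; s++)
        if (*s == '%') { count++; if (s[1]) s++; }
    return count;
}

int main(void)
{
    const char *data = "stack 50%% used"; /* constructed; "%%" takes no argument */
    char a[32], b[32];
    log_flagged(a, sizeof a, data);
    log_fixed(b, sizeof b, data);
    printf("flagged: %s\nfixed:   %s\ndirectives: %d\n", a, b, directives_in(data));
    return 0;
}
```

The sample string only contains `%%`, so the flagged call stays well defined while still showing that the text was parsed rather than copied.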