Re: [PATCH] rcutorture: avoid format string leak to thead name

From: Josh Triplett
Date: Thu May 22 2014 - 17:15:55 EST

Next message: Josh Triplett: "Re: [PATCH] staging: rtl8188eu: os_dep: usb_intf.c: Fix to remove null pointer checks that could never happen"
Previous message: Srivatsa S. Bhat: "Re: [PATCH] x86, MCE: Kill CPU_POST_DEAD"
In reply to: Paul E. McKenney: "Re: [PATCH] rcutorture: avoid format string leak to thead name"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, May 22, 2014 at 11:51:04AM -0700, Kees Cook wrote:
> Since the rcutorture thread creation interface does not include format
> string arguments, make sure the name can never be accidentally processed
> as a format string.
>
> Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>

Reviewed-by: Josh Triplett <josh@xxxxxxxxxxxxxxxx>

> kernel/torture.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/kernel/torture.c b/kernel/torture.c
> index acc9afc2f26e..9dad2ffaf995 100644
> --- a/kernel/torture.c
> +++ b/kernel/torture.c
> @@ -694,7 +694,7 @@ int _torture_create_kthread(int (*fn)(void *arg), void *arg, char *s, char *m,
> int ret = 0;
>
> VERBOSE_TOROUT_STRING(m);
> - *tp = kthread_run(fn, arg, s);
> + *tp = kthread_run(fn, arg, "%s", s);
> if (IS_ERR(*tp)) {
> ret = PTR_ERR(*tp);
> VERBOSE_TOROUT_ERRSTRING(f);
> --
> 1.7.9.5
>
>
> --
> Kees Cook
> Chrome OS Security
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Josh Triplett: "Re: [PATCH] staging: rtl8188eu: os_dep: usb_intf.c: Fix to remove null pointer checks that could never happen"
Previous message: Srivatsa S. Bhat: "Re: [PATCH] x86, MCE: Kill CPU_POST_DEAD"
In reply to: Paul E. McKenney: "Re: [PATCH] rcutorture: avoid format string leak to thead name"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]