Re: [linux-devel:devel-hourly-2014102506 48/69] net/wireless/core.c:374:3: error: format not a string literal and no format arguments

From: Kees Cook
Date: Fri Oct 24 2014 - 19:16:55 EST

Next message: Paul McQuade: "[PATCH] Staging:rtl8723au:core brace issue"
Previous message: Bjorn Andersson: "Re: [PATCH] genirq: Introduce irq_read_line()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

On Fri, Oct 24, 2014 at 4:07 PM, kbuild test robot
<fengguang.wu@xxxxxxxxx> wrote:
> net/wireless/core.c: In function 'wiphy_new_nm':
>>> net/wireless/core.c:374:3: error: format not a string literal and no format arguments [-Werror=format-security]
> rv = dev_set_name(&rdev->wiphy.dev, requested_name);
> ^
> cc1: some warnings being treated as errors
>
> vim +374 net/wireless/core.c
>
> 704232c2 Johannes Berg 2007-04-23 358
> 9b881963 Johannes Berg 2013-06-04 359 /* atomic_inc_return makes it start at 1, make it start at 0 */
> 9b881963 Johannes Berg 2013-06-04 360 rdev->wiphy_idx--;
> 9b881963 Johannes Berg 2013-06-04 361
> 7623225f Johannes Berg 2010-10-11 362 /* give it a proper name */
> 3fea0bc6 Ben Greear 2014-10-22 363 if (requested_name && requested_name[0]) {
> 3fea0bc6 Ben Greear 2014-10-22 364 int rv;
> 3fea0bc6 Ben Greear 2014-10-22 365
> 3fea0bc6 Ben Greear 2014-10-22 366 rtnl_lock();
> 3fea0bc6 Ben Greear 2014-10-22 367 rv = cfg80211_dev_check_name(rdev, requested_name);
> 3fea0bc6 Ben Greear 2014-10-22 368
> 3fea0bc6 Ben Greear 2014-10-22 369 if (rv < 0) {
> 3fea0bc6 Ben Greear 2014-10-22 370 rtnl_unlock();
> 3fea0bc6 Ben Greear 2014-10-22 371 goto use_default_name;
> 3fea0bc6 Ben Greear 2014-10-22 372 }
> 3fea0bc6 Ben Greear 2014-10-22 373
> 3fea0bc6 Ben Greear 2014-10-22 @374 rv = dev_set_name(&rdev->wiphy.dev, requested_name);

Please make this:

rv = dev_set_name(&rdev->wiphy.dev, "%s", requested_name);

to avoid format string leaks via the device name.

Thanks!

-Kees

> 3fea0bc6 Ben Greear 2014-10-22 375 rtnl_unlock();
> 3fea0bc6 Ben Greear 2014-10-22 376 if (rv)
> 3fea0bc6 Ben Greear 2014-10-22 377 goto use_default_name;
> 3fea0bc6 Ben Greear 2014-10-22 378 } else {
> 3fea0bc6 Ben Greear 2014-10-22 379 use_default_name:
> 3fea0bc6 Ben Greear 2014-10-22 380 /* NOTE: This is *probably* safe w/out holding rtnl because of
> 3fea0bc6 Ben Greear 2014-10-22 381 * the restrictions on phy names. Probably this call could
> 3fea0bc6 Ben Greear 2014-10-22 382 * fail if some other part of the kernel (re)named a device
>
> :::::: The code at line 374 was first introduced by commit
> :::::: 3fea0bc6ccb485342ce149a100d4effa029fa975 cfg80211: support creating wiphy with suggested name
>
> :::::: TO: Ben Greear <greearb@xxxxxxxxxxxxxxx>
> :::::: CC: Johannes Berg <johannes.berg@xxxxxxxxx>
>
> ---
> 0-DAY kernel build testing backend Open Source Technology Center
> http://lists.01.org/mailman/listinfo/kbuild Intel Corporation

--
Kees Cook
Chrome OS Security
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Paul McQuade: "[PATCH] Staging:rtl8723au:core brace issue"
Previous message: Bjorn Andersson: "Re: [PATCH] genirq: Introduce irq_read_line()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]