Signed-off-by: Alexey Dobriyan <[email protected]>
---
fs/proc/base.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -396,7 +396,7 @@ static int proc_pid_wchan(struct seq_file *m, struct pid_namespace *ns,
wchan = get_wchan(task);
if (wchan && !lookup_symbol_name(wchan, symname)) {
- seq_printf(m, "%s", symname);
+ seq_puts(m, symname);
return 0;
}
On Sat, Feb 17, 2018 at 9:20 AM, Alexey Dobriyan <[email protected]> wrote:
> Signed-off-by: Alexey Dobriyan <[email protected]>
> - seq_printf(m, "%s", symname);
> + seq_puts(m, symname);
While this might have no security concerns, the pattern might be
brainlessly used by some janitors and there would have security
implications.
--
With Best Regards,
Andy Shevchenko
On Sat, Feb 17, 2018 at 04:06:42PM +0200, Andy Shevchenko wrote:
> On Sat, Feb 17, 2018 at 9:20 AM, Alexey Dobriyan <[email protected]> wrote:
> > - seq_printf(m, "%s", symname);
> > + seq_puts(m, symname);
>
> While this might have no security concerns, the pattern might be
> brainlessly used by some janitors and there would have security
> implications.
Unless there is some kind of preprocessor which seamlessly converts one
to another I'd continue converting.
On Sat, 17 Feb 2018 16:06:42 +0200 Andy Shevchenko <[email protected]> wrote:
> On Sat, Feb 17, 2018 at 9:20 AM, Alexey Dobriyan <[email protected]> wrote:
> > Signed-off-by: Alexey Dobriyan <[email protected]>
>
>
> > - seq_printf(m, "%s", symname);
> > + seq_puts(m, symname);
>
> While this might have no security concerns, the pattern might be
> brainlessly used by some janitors and there would have security
> implications.
And I'd like to see a changelog, please. One which explains why
`symname' cannot have a %s (etc) in it, and never will.
On 2018-02-21 01:02, Andrew Morton wrote:
> On Sat, 17 Feb 2018 16:06:42 +0200 Andy Shevchenko <[email protected]> wrote:
>
>> On Sat, Feb 17, 2018 at 9:20 AM, Alexey Dobriyan <[email protected]> wrote:
>>> Signed-off-by: Alexey Dobriyan <[email protected]>
>>
>>
>>> - seq_printf(m, "%s", symname);
>>> + seq_puts(m, symname);
>>
>> While this might have no security concerns, the pattern might be
>> brainlessly used by some janitors and there would have security
>> implications.
>
> And I'd like to see a changelog, please. One which explains why
> `symname' cannot have a %s (etc) in it, and never will.
OK, since #youtoo: It doesn't _matter_ if symname is "%pHAHAHA %fooled
you <unicode for evil grin emoji>", seq_puts does not interpret it at
all. There are _never_ security implications with the above replacement.
Sure, seq_printf(m, symname) would be bad, but that's not what is being
done.
AFAICT, this should always lead to slightly smaller code (one less
parameter passed) and in all likelyhood also slightly faster (no format
interpretation, no slow char-by-char handling by the string() function
etc.). So the only case where I'd think this should not necessarily be
done would be in a long sequence of seq_printf, where only one or two
could be replaced by seq_puts/seq_putc.
Rasmus
On Wed, 21 Feb 2018 09:57:49 +0100 Rasmus Villemoes <[email protected]> wrote:
> On 2018-02-21 01:02, Andrew Morton wrote:
> > On Sat, 17 Feb 2018 16:06:42 +0200 Andy Shevchenko <[email protected]> wrote:
> >
> >> On Sat, Feb 17, 2018 at 9:20 AM, Alexey Dobriyan <[email protected]> wrote:
> >>> Signed-off-by: Alexey Dobriyan <[email protected]>
> >>
> >>
> >>> - seq_printf(m, "%s", symname);
> >>> + seq_puts(m, symname);
> >>
> >> While this might have no security concerns, the pattern might be
> >> brainlessly used by some janitors and there would have security
> >> implications.
> >
> > And I'd like to see a changelog, please. One which explains why
> > `symname' cannot have a %s (etc) in it, and never will.
>
> OK, since #youtoo: It doesn't _matter_ if symname is "%pHAHAHA %fooled
> you <unicode for evil grin emoji>", seq_puts does not interpret it at
> all. There are _never_ security implications with the above replacement.
> Sure, seq_printf(m, symname) would be bad, but that's not what is being
> done.
doh, OK, sorry. RTFP, Andrew.