2013-09-11 04:39:49

by Kees Cook

Subject: [PATCH] scsi: esas2r: fix potential format string flaw

This makes sure format strings cannot leak into the printk call via the
constructed buffer.

Signed-off-by: Kees Cook <[email protected]>
---
drivers/scsi/esas2r/esas2r_log.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/scsi/esas2r/esas2r_log.c b/drivers/scsi/esas2r/esas2r_log.c
index 9bf285d..61fc19d 100644
--- a/drivers/scsi/esas2r/esas2r_log.c
+++ b/drivers/scsi/esas2r/esas2r_log.c
@@ -171,7 +171,7 @@ static int esas2r_log_master(const long level,
if (strlen(event_buffer) < buflen)
strcat(buffer, "\n");

- printk(event_buffer);
+ printk("%s", event_buffer);

spin_unlock_irqrestore(&event_buffer_lock, flags);
}
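Review bot: The new `printk("%s", event_buffer);` call has no KERN_ level in its format string, although esas2r_log_master() takes a `level` argument. If the level prefix is written at the start of event_buffer (not visible in this hunk), please confirm it is still honored when the buffer is passed as a %s argument rather than as the format, or put the level into the format explicitly. The changelog would also be easier to assess if it named which data reaching event_buffer could carry a % sequence. Outside the changed line, the context tests `strlen(event_buffer) < buflen` but appends the newline to `buffer` with strcat; it is worth checking that this bound leaves room for both the newline and the terminating NUL.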
--
1.7.9.5


--
Kees Cook
Chrome OS Security


2013-09-11 15:53:53

by Grove, Bradley

Subject: Re: [PATCH] scsi: esas2r: fix potential format string flaw

On 09/11/2013 12:38 AM, Kees Cook wrote:
> This makes sure format strings cannot leak into the printk call via the
> constructed buffer.
>
> Signed-off-by: Kees Cook <[email protected]>
> ---

Acked-by: Bradley Grove <[email protected]>

Brad