2015-06-08 22:31:09

by Kees Cook

[permalink] [raw]
Subject: [PATCH] fbdev: omap2: remove potential format string leak

Since kobject_init_and_add takes a format string, make sure that the
passed in name cannot be accidentally parsed.

Signed-off-by: Kees Cook <[email protected]>
---
drivers/video/fbdev/omap2/dss/display-sysfs.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/video/fbdev/omap2/dss/display-sysfs.c b/drivers/video/fbdev/omap2/dss/display-sysfs.c
index 12186557a9d4..6ad0991f8259 100644
--- a/drivers/video/fbdev/omap2/dss/display-sysfs.c
+++ b/drivers/video/fbdev/omap2/dss/display-sysfs.c
@@ -324,7 +324,7 @@ int display_init_sysfs(struct platform_device *pdev)

for_each_dss_dev(dssdev) {
r = kobject_init_and_add(&dssdev->kobj, &display_ktype,
- &pdev->dev.kobj, dssdev->alias);
+ &pdev->dev.kobj, "%s", dssdev->alias);
if (r) {
DSSERR("failed to create sysfs files\n");
omap_dss_put_device(dssdev);
--
1.9.1


--
Kees Cook
Chrome OS Security


2015-06-12 09:38:13

by Tomi Valkeinen

[permalink] [raw]
Subject: Re: [PATCH] fbdev: omap2: remove potential format string leak



On 09/06/15 01:30, Kees Cook wrote:
> Since kobject_init_and_add takes a format string, make sure that the
> passed in name cannot be accidentally parsed.
>
> Signed-off-by: Kees Cook <[email protected]>
> ---
> drivers/video/fbdev/omap2/dss/display-sysfs.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/video/fbdev/omap2/dss/display-sysfs.c b/drivers/video/fbdev/omap2/dss/display-sysfs.c
> index 12186557a9d4..6ad0991f8259 100644
> --- a/drivers/video/fbdev/omap2/dss/display-sysfs.c
> +++ b/drivers/video/fbdev/omap2/dss/display-sysfs.c
> @@ -324,7 +324,7 @@ int display_init_sysfs(struct platform_device *pdev)
>
> for_each_dss_dev(dssdev) {
> r = kobject_init_and_add(&dssdev->kobj, &display_ktype,
> - &pdev->dev.kobj, dssdev->alias);
> + &pdev->dev.kobj, "%s", dssdev->alias);
> if (r) {
> DSSERR("failed to create sysfs files\n");
> omap_dss_put_device(dssdev);
>

Thanks, queued for 4.2.

Tomi

Attachments:
signature.asc (819.00 B)
OpenPGP digital signature