Re: [PATCH 0/5] kallsyms: make kallsym APIs more safe with scnprintf

From: Christoph Hellwig
Date: Sun May 22 2022 - 02:09:26 EST

Next message: Leo Yan: "Re: [PATCH v8 0/4] perf: arm-spe: Decode SPE source and use for perf c2c"
Previous message: Jiaqing Zhao: "[PATCH 2/2] mtd: spi-nor: micron: Add SPI_NOR_DUAL_READ flag on mt25ql02g"
In reply to: Maninder Singh: "[PATCH 2/5] kallsyms: replace sprintf with scnprintf"
Next in thread: Kees Cook: "Re: [PATCH 0/5] kallsyms: make kallsym APIs more safe with scnprintf"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, May 20, 2022 at 02:06:56PM +0530, Maninder Singh wrote:
> kallsyms functionality depends on KSYM_NAME_LEN directly.
> but if user passed array length lesser than it, sprintf
> can cause issues of buffer overflow attack.
>
> So changing *sprint* and *lookup* APIs in this patch set
> to have buffer size as an argument and replacing sprintf with
> scnprintf.

This is still a pretty horrible API. Passing something like
a struct seq_buf seems like the much better API here. Also with
the amount of arguments and by reference passing it might be worth
to pass them as a structure while you're at it.

Next message: Leo Yan: "Re: [PATCH v8 0/4] perf: arm-spe: Decode SPE source and use for perf c2c"
Previous message: Jiaqing Zhao: "[PATCH 2/2] mtd: spi-nor: micron: Add SPI_NOR_DUAL_READ flag on mt25ql02g"
In reply to: Maninder Singh: "[PATCH 2/5] kallsyms: replace sprintf with scnprintf"
Next in thread: Kees Cook: "Re: [PATCH 0/5] kallsyms: make kallsym APIs more safe with scnprintf"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]