Re: [PATCH 1/4] lib/vsprintf.c: handle invalid format specifiers more robustly

[Rasmus Villemoes]

On Mon, Sep 28 2015, Andy Shevchenko <andriy.shevchenko@xxxxxxxxxxxxxxx> wrote:

>>  		/*
>> -		 * Since %n poses a greater security risk than 
>> utility, treat
>> -		 * it as an invalid format specifier. Warn about its 
>> use so
>> -		 * that new instances don't get added.
>> +		 * Since %n poses a greater security risk than
>
> Any reason to wrap first string?

I just hit M-q in emacs and let that take care of somewhat sane
wrapping. I don't play diff golf.

>> +			/*
>> +			 * Presumably the arguments passed gcc's 
>> type
>> +			 * checking, but there is no safe or sane 
>> way
>> +			 * for us to continue parsing the format and
>> +			 * fetching from the va_list; the remaining
>> +			 * specifiers and arguments would be out of
>> +			 * sync.
>
> Could we use wider strings in the commentary here?

Ditto.

Rasmus
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/