Re: [PATCH 2/3] irqchip: Fix a potential abuse of seq_printf() format string

From: David Wang
Date: Tue Dec 03 2024 - 07:02:02 EST



At 2024-12-03 19:22:46, "Thomas Gleixner" <tglx@xxxxxxxxxxxxx> wrote:
>On Wed, Nov 20 2024 at 17:17, David Wang wrote:
>> Using device name as format string of seq_printf() is prone to
>> "Format string attack", opens possibility for exploitation.
>> Seq_puts() is safer and more efficient.
>
>I agree that seq_puts() is more efficient, but this whole handwaving
>about format string attacks is far fetched.
>
>These strings originate from device tree or generated device/domain
>names. If they contain format strings, then that's either a plain bug in
>the kernel or the device tree, but far from a 'format string attack'.

Isn't it possible to change the device name? The way I imagine it, if some low-privileged interface can
be used to change the device name (maybe some backdoor in the device firmware),
then reading /proc/... could be used by a low-privileged user to gain more information.

And yes, it is all theoretical.



Thanks
David
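
Added example, not part of this thread or of the patch: a user-space C model of the difference under discussion, showing that a name passed as the format argument is parsed while a puts-style call copies it verbatim. `struct seq_model`, `model_printf()` and `model_puts()` are hypothetical stand-ins for `struct seq_file`, `seq_printf()` and `seq_puts()`, and the device name is constructed.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* User-space stand-in for the kernel's struct seq_file (hypothetical model). */
struct seq_model {
	char buf[64];
	size_t count;
};

/* Models seq_printf(): fmt is parsed for conversion specifiers. */
static void model_printf(struct seq_model *m, const char *fmt, ...)
{
	size_t room = sizeof(m->buf) - m->count;
	va_list ap;
	int n;

	va_start(ap, fmt);
	n = vsnprintf(m->buf + m->count, room, fmt, ap);
	va_end(ap);
	if (n > 0)
		m->count += ((size_t)n < room) ? (size_t)n : room - 1;
}

/* Models seq_puts(): bytes are copied verbatim, nothing is parsed. */
static void model_puts(struct seq_model *m, const char *s)
{
	size_t room = sizeof(m->buf) - m->count - 1;
	size_t len = strlen(s);

	if (len > room)
		len = room;
	memcpy(m->buf + m->count, s, len);
	m->count += len;
	m->buf[m->count] = '\0';
}

/* Constructed device name. "%%" consumes no argument, so parsing it is well
 * defined; a specifier that expects one would read varargs never passed. */
static const char sample_name[] = "pmic%%irq";

int main(void)
{
	struct seq_model a = { "", 0 }, b = { "", 0 }, c = { "", 0 };

	model_printf(&a, sample_name);        /* name used as the format string */
	model_puts(&b, sample_name);          /* puts-style: copied unchanged */
	model_printf(&c, "%s", sample_name);  /* fixed format, name as data */
	printf("as format: %s\nputs     : %s\n\"%%s\"     : %s\n", a.buf, b.buf, c.buf);
	return 0;
}
```

Only the first call alters the name (`pmic%irq`); the puts-style call and the fixed `"%s"` format both emit it unchanged.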