On Mon, Oct 09, 2017 at 01:59:05PM +1100, Tobin C. Harding wrote: > %pi leaks kernel addresses if incorrectly specified. > > Currently the printk specifier %pi (%pI) contains a switch statement > without a default clause. The %pi specifier requires a subsequent > character (4, 6, or S) controlling the output. If the specifier is > incomplete the switch statement will fall through and print the variable > argument address in hex instead of the value of the argument (as an IP > address). > > If uncaught this leaks kernel addresses into dmesg. We can return an > error string to make the bug visible and stop addresses leaking. > > Add a default clause returning an error string, stops leaking addresses > and makes the buggy code
...? :) > Signed-off-by: Tobin C. Harding <m...@tobin.cc> > --- > lib/vsprintf.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/lib/vsprintf.c b/lib/vsprintf.c > index 86c3385b9eb3..155702f05b14 100644 > --- a/lib/vsprintf.c > +++ b/lib/vsprintf.c > @@ -1775,6 +1775,8 @@ char *pointer(const char *fmt, char *buf, char *end, > void *ptr, > default: > return string(buf, end, "(invalid address)", > spec); > }} > + default: Maybe a WARN(1, "invalid pointer format")? That way it'll be easy for people to figure out where to fix. Cheers, Tycho > + return string(buf, end, "(invalid specifier, form: > %pi4)", spec); > } > break; > case 'E': > -- > 2.7.4 >
