Re: [RFC PATCH] vsnprintf: Remove use of %n and convert existing uses

2013-09-12 Thread Joe Perches
On Thu, 2013-09-12 at 09:06 +0100, David Laight wrote: > > On Wed, Sep 11, 2013 at 05:04:17PM -0700, Joe Perches wrote: > > > On Thu, 2013-09-12 at 08:40 +0900, Tetsuo Handa wrote: > > > > Joe Perches wrote: > > > > > - seq_printf(m, "%s%d%n", con->name, con->index, &len); > > > > > + len =

RE: [RFC PATCH] vsnprintf: Remove use of %n and convert existing uses

2013-09-12 Thread David Laight
> On Wed, Sep 11, 2013 at 05:04:17PM -0700, Joe Perches wrote: > > On Thu, 2013-09-12 at 08:40 +0900, Tetsuo Handa wrote: > > > Joe Perches wrote: > > > > - seq_printf(m, "%s%d%n", con->name, con->index, &len); > > > > + len = seq_printf(m, "%s%d", con->name, con->index); > > > > > > Is

Re: [RFC PATCH] vsnprintf: Remove use of %n and convert existing uses

2013-09-12 Thread Joe Perches
On Thu, 2013-09-12 at 08:40 +0900, Tetsuo Handa wrote: > Joe Perches wrote: > > - seq_printf(m, "%s%d%n", con->name, con->index, &len); > > + len = seq_printf(m, "%s%d", con->name, con->index); > > Isn't len always 0 or -1 ? Right. Well you're no fun... These uses would seem broken anyway b

Re: [RFC PATCH] vsnprintf: Remove use of %n and convert existing uses

2013-09-11 Thread Joe Perches
On Thu, 2013-09-12 at 01:19 +0100, Al Viro wrote: > On Wed, Sep 11, 2013 at 05:04:17PM -0700, Joe Perches wrote: > > On Thu, 2013-09-12 at 08:40 +0900, Tetsuo Handa wrote: > > > Joe Perches wrote: > > > > - seq_printf(m, "%s%d%n", con->name, con->index, &len); > > > > + len = seq_printf

Re: [RFC PATCH] vsnprintf: Remove use of %n and convert existing uses

2013-09-11 Thread Al Viro
On Wed, Sep 11, 2013 at 05:04:17PM -0700, Joe Perches wrote: > On Thu, 2013-09-12 at 08:40 +0900, Tetsuo Handa wrote: > > Joe Perches wrote: > > > - seq_printf(m, "%s%d%n", con->name, con->index, &len); > > > + len = seq_printf(m, "%s%d", con->name, con->index); > > > > Isn't len always 0 or -1 ?

Re: [RFC PATCH] vsnprintf: Remove use of %n and convert existing uses

2013-09-11 Thread Joe Perches
On Wed, 2013-09-11 at 16:29 -0700, Kees Cook wrote: > On Wed, Sep 11, 2013 at 4:22 PM, Joe Perches wrote: > > Using vsnprintf or its derivatives with %n can have security > > vulnerability implications. > > > > Prior to commit fef20d9c1380 > > ("vsprintf: unify the format decoding layer for its 3

Re: [RFC PATCH] vsnprintf: Remove use of %n and convert existing uses

2013-09-11 Thread Tetsuo Handa
Joe Perches wrote: > - seq_printf(m, "%s%d%n", con->name, con->index, &len); > + len = seq_printf(m, "%s%d", con->name, con->index); Isn't len always 0 or -1 ? int seq_vprintf(struct seq_file *m, const char *f, va_list args) { int len; if (m->count < m->size) {

Re: [RFC PATCH] vsnprintf: Remove use of %n and convert existing uses

2013-09-11 Thread Kees Cook
On Wed, Sep 11, 2013 at 4:22 PM, Joe Perches wrote: > Using vsnprintf or its derivatives with %n can have security > vulnerability implications. > > Prior to commit fef20d9c1380 > ("vsprintf: unify the format decoding layer for its 3 users"), > any use of %n was ignored. > > Reintroduce this featu