On Tue, 2024-05-28 at 15:32 +0200, Arnd Bergmann wrote:
> From: Arnd Bergmann <arnd@xxxxxxxx>
>
> Using snprintf() with a format string from task->comm is a bit
> dangerous since the string may be controlled by unprivileged
> userspace:
>
> drivers/gpu/drm/xe/xe_devcoredump.c: In function
> 'devcoredump_snapshot':
> drivers/gpu/drm/xe/xe_devcoredump.c:184:9: error: format not a string
> literal and no format arguments [-Werror=format-security]
> 184 | snprintf(ss->process_name, sizeof(ss->process_name),
> process_name);
> | ^~~~~~~~
>
> In this case there is no reason for an snprintf(), so use a simpler
> string copy.
>
> Fixes: b10d0c5e9df7 ("drm/xe: Add process name to devcoredump")
> Signed-off-by: Arnd Bergmann <arnd@xxxxxxxx>
Reviewed-by: Thomas Hellström <thomas.hellstrom@xxxxxxxxxxxxxxx>
Thanks,
Will pick up and apply as soon as our CI is fit for fight.
/Thomas
> ---
> drivers/gpu/drm/xe/xe_devcoredump.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/gpu/drm/xe/xe_devcoredump.c
> b/drivers/gpu/drm/xe/xe_devcoredump.c
> index 1643d44f8bc4..1973bfaece40 100644
> --- a/drivers/gpu/drm/xe/xe_devcoredump.c
> +++ b/drivers/gpu/drm/xe/xe_devcoredump.c
> @@ -181,7 +181,7 @@ static void devcoredump_snapshot(struct
> xe_devcoredump *coredump,
> if (task)
> process_name = task->comm;
> }
> - snprintf(ss->process_name, sizeof(ss->process_name),
> process_name);
> + strscpy(ss->process_name, process_name);
> if (task)
> put_task_struct(task);
>
