The existing emit call is a vector for format string injection. Use the string format specifier to avoid this problem. Reported-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> Signed-off-by: Brian Foster <bfoster@xxxxxxxxxx> --- v2: - Drop newline. v1: https://lore.kernel.org/linux-fsdevel/20240425104400.30222-1-bfoster@xxxxxxxxxx/ fs/fuse/virtio_fs.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fs/fuse/virtio_fs.c b/fs/fuse/virtio_fs.c index 322af827a232..d5cb300367ed 100644 --- a/fs/fuse/virtio_fs.c +++ b/fs/fuse/virtio_fs.c @@ -170,7 +170,7 @@ static ssize_t tag_show(struct kobject *kobj, { struct virtio_fs *fs = container_of(kobj, struct virtio_fs, kobj); - return sysfs_emit(buf, fs->tag); + return sysfs_emit(buf, "%s", fs->tag); } static struct kobj_attribute virtio_fs_tag_attr = __ATTR_RO(tag); -- 2.44.0
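Review bot: In tag_show(), the new `sysfs_emit(buf, "%s", fs->tag)` line writes the tag with no trailing newline, and the only record of that choice is the "v2: - Drop newline" note below the `---` marker, which is not carried into the commit log when the patch is applied. Consider adding a sentence to the commit message stating that the output is intentionally left without a newline and why, so that anyone reading the tag attribute later knows the format is deliberate. The message would also be easier to triage with a Fixes: tag for the commit that introduced the unformatted `sysfs_emit(buf, fs->tag)` call, and with a short statement of where fs->tag comes from, since that origin is what makes '%' sequences in it a concern.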