On Mon, May 06, 2024 at 02:57:13PM -0400, Brian Foster wrote: > The existing emit call is a vector for format string injection. Use > the string format specifier to avoid this problem. > > Reported-by: Stefan Hajnoczi <stefanha@xxxxxxxxxx> > Signed-off-by: Brian Foster <bfoster@xxxxxxxxxx> > --- > > v2: > - Drop newline. > v1: https://lore.kernel.org/linux-fsdevel/20240425104400.30222-1-bfoster@xxxxxxxxxx/ > > fs/fuse/virtio_fs.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/fs/fuse/virtio_fs.c b/fs/fuse/virtio_fs.c > index 322af827a232..d5cb300367ed 100644 > --- a/fs/fuse/virtio_fs.c > +++ b/fs/fuse/virtio_fs.c > @@ -170,7 +170,7 @@ static ssize_t tag_show(struct kobject *kobj, > { > struct virtio_fs *fs = container_of(kobj, struct virtio_fs, kobj); > > - return sysfs_emit(buf, fs->tag); > + return sysfs_emit(buf, "%s", fs->tag); > } Miklos: Would it be possible to change the format string to "%s\n" (with a newline) in this patch and merged for v6.9? v6.9 will be the first kernel release with this new sysfs attr and I'd like to get the formatting right. Once a kernel is released I would rather not change the sysfs attr's format to avoid breaking userspace, hence the urgency. Thank you, Stefan
Attachment:
signature.asc
Description: PGP signature
