Re: [PATCH] Fix a potential abuse of seq_printf() format string in drivers

Linus Walleij <linus.walleij@xxxxxxxxxx> · Wed, 20 Nov 2024 08:35:38 +0100

On Wed, Nov 20, 2024 at 6:31 AM David Wang <00107082@xxxxxxx> wrote:

> Using device name as format string of seq_printf() is proned to
> "Format string attack", opens possibility for exploitation.
> Seq_puts() is safer and more efficient.
>
> Signed-off-by: David Wang <00107082@xxxxxxx>

Okay better get Kees' eye on this, he looks after string vulnerabilities.
(But I think you're right.)

>  drivers/gpio/gpio-aspeed-sgpio.c            | 2 +-
>  drivers/gpio/gpio-aspeed.c                  | 2 +-
>  drivers/gpio/gpio-ep93xx.c                  | 2 +-
>  drivers/gpio/gpio-hlwd.c                    | 2 +-
>  drivers/gpio/gpio-mlxbf2.c                  | 2 +-
>  drivers/gpio/gpio-omap.c                    | 2 +-
>  drivers/gpio/gpio-pca953x.c                 | 2 +-
>  drivers/gpio/gpio-pl061.c                   | 2 +-
>  drivers/gpio/gpio-tegra.c                   | 2 +-
>  drivers/gpio/gpio-tegra186.c                | 2 +-
>  drivers/gpio/gpio-tqmx86.c                  | 2 +-
>  drivers/gpio/gpio-visconti.c                | 2 +-
>  drivers/gpio/gpio-xgs-iproc.c               | 2 +-
>  drivers/irqchip/irq-gic.c                   | 2 +-
>  drivers/irqchip/irq-mvebu-pic.c             | 2 +-
>  drivers/irqchip/irq-versatile-fpga.c        | 2 +-
>  drivers/pinctrl/bcm/pinctrl-iproc-gpio.c    | 2 +-
>  drivers/pinctrl/mvebu/pinctrl-armada-37xx.c | 2 +-
>  drivers/pinctrl/pinctrl-mcp23s08.c          | 2 +-
>  drivers/pinctrl/pinctrl-stmfx.c             | 2 +-
>  drivers/pinctrl/pinctrl-sx150x.c            | 2 +-
>  drivers/pinctrl/renesas/pinctrl-rzg2l.c     | 2 +-

Can you split this in three patches per-subsystem?
One for gpio, one for irqchip and one for pinctrl?

Then send to each subsystem maintainer and CC kees on
each.

I'm just the pinctrl maintainer. The rest can be found with
scripts/get_maintainer.pl.

Yours,
Linus Walleij