On Fri, Aug 04, 2023 at 12:29:16PM +0200, Greg Kroah-Hartman wrote:
> On Fri, Aug 04, 2023 at 12:22:09PM +0200, Greg Kroah-Hartman wrote:
> > On Tue, Aug 01, 2023 at 02:30:44PM -0700, Brennan Lamoreaux wrote:
> > > From: Joe Perches <joe@xxxxxxxxxxx>
> > >
> > > commit aa838896d87af561a33ecefea1caa4c15a68bc47 upstream
> > >
> > > Convert the various sprintf fmaily calls in sysfs device show functions
> > > to sysfs_emit and sysfs_emit_at for PAGE_SIZE buffer safety.
> > >
> > > Done with:
> > >
> > > $ spatch -sp-file sysfs_emit_dev.cocci --in-place --max-width=80 .
> > >
> > > And cocci script:
> > >
> > > $ cat sysfs_emit_dev.cocci
> > > @@
> > > identifier d_show;
> > > identifier dev, attr, buf;
> > > @@
> > >
> > > ssize_t d_show(struct device *dev, struct device_attribute *attr, char *buf)
> > > {
> > > <...
> > > return
> > > - sprintf(buf,
> > > + sysfs_emit(buf,
> > > ...);
> > > ...>
> > > }
> > >
> > > @@
> > > identifier d_show;
> > > identifier dev, attr, buf;
> > > @@
> > >
> > > ssize_t d_show(struct device *dev, struct device_attribute *attr, char *buf)
> > > {
> > > <...
> > > return
> > > - snprintf(buf, PAGE_SIZE,
> > > + sysfs_emit(buf,
> > > ...);
> > > ...>
> > > }
> > >
> > > @@
> > > identifier d_show;
> > > identifier dev, attr, buf;
> > > @@
> > >
> > > ssize_t d_show(struct device *dev, struct device_attribute *attr, char *buf)
> > > {
> > > <...
> > > return
> > > - scnprintf(buf, PAGE_SIZE,
> > > + sysfs_emit(buf,
> > > ...);
> > > ...>
> > > }
> > >
> > > @@
> > > identifier d_show;
> > > identifier dev, attr, buf;
> > > expression chr;
> > > @@
> > >
> > > ssize_t d_show(struct device *dev, struct device_attribute *attr, char *buf)
> > > {
> > > <...
> > > return
> > > - strcpy(buf, chr);
> > > + sysfs_emit(buf, chr);
> > > ...>
> > > }
> > >
> > > @@
> > > identifier d_show;
> > > identifier dev, attr, buf;
> > > identifier len;
> > > @@
> > >
> > > ssize_t d_show(struct device *dev, struct device_attribute *attr, char *buf)
> > > {
> > > <...
> > > len =
> > > - sprintf(buf,
> > > + sysfs_emit(buf,
> > > ...);
> > > ...>
> > > return len;
> > > }
> > >
> > > @@
> > > identifier d_show;
> > > identifier dev, attr, buf;
> > > identifier len;
> > > @@
> > >
> > > ssize_t d_show(struct device *dev, struct device_attribute *attr, char *buf)
> > > {
> > > <...
> > > len =
> > > - snprintf(buf, PAGE_SIZE,
> > > + sysfs_emit(buf,
> > > ...);
> > > ...>
> > > return len;
> > > }
> > >
> > > @@
> > > identifier d_show;
> > > identifier dev, attr, buf;
> > > identifier len;
> > > @@
> > >
> > > ssize_t d_show(struct device *dev, struct device_attribute *attr, char *buf)
> > > {
> > > <...
> > > len =
> > > - scnprintf(buf, PAGE_SIZE,
> > > + sysfs_emit(buf,
> > > ...);
> > > ...>
> > > return len;
> > > }
> > >
> > > @@
> > > identifier d_show;
> > > identifier dev, attr, buf;
> > > identifier len;
> > > @@
> > >
> > > ssize_t d_show(struct device *dev, struct device_attribute *attr, char *buf)
> > > {
> > > <...
> > > - len += scnprintf(buf + len, PAGE_SIZE - len,
> > > + len += sysfs_emit_at(buf, len,
> > > ...);
> > > ...>
> > > return len;
> > > }
> > >
> > > @@
> > > identifier d_show;
> > > identifier dev, attr, buf;
> > > expression chr;
> > > @@
> > >
> > > ssize_t d_show(struct device *dev, struct device_attribute *attr, char *buf)
> > > {
> > > ...
> > > - strcpy(buf, chr);
> > > - return strlen(buf);
> > > + return sysfs_emit(buf, chr);
> > > }
> > >
> > > Signed-off-by: Joe Perches <joe@xxxxxxxxxxx>
> > > Link: https://lore.kernel.org/r/3d033c33056d88bbe34d4ddb62afd05ee166ab9a.1600285923.git.joe@xxxxxxxxxxx
> > > Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
> > > [ Brennan : Regenerated for 4.19 to fix CVE-2022-20166 ]
> > > Signed-off-by: Brennan Lamoreaux <blamoreaux@xxxxxxxxxx>
> >
> > Thanks, now queued up.
>
> Nope, now dropped, this didn't even build. How did you test this thing?
Sorry, it built, but had warnings. We don't like to add new warnings if
possible, right?
