diff options
| author | Joe Perches <joe@perches.com> | 2017-05-08 18:55:36 -0400 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2017-05-08 20:15:10 -0400 |
| commit | 0b523769ebb9473c60df1b0f70615aa82ebac2c9 (patch) | |
| tree | 7e9d9ac957dffd3a98750d4a82ece52286692774 /scripts | |
| parent | cd8618ab3df3ac6018cecb9dc626ff72c39eb503 (diff) | |
checkpatch: add ability to find bad uses of vsprintf %p<foo> extensions
%pK was at least once misused at %pk in an out-of-tree module. This
lead to some security concerns. Add the ability to track single and
multiple line statements for misuses of %p<foo>.
[akpm@linux-foundation.org: add helpful comment into lib/vsprintf.c]
[akpm@linux-foundation.org: text tweak]
Link: http://lkml.kernel.org/r/163a690510e636a23187c0dc9caa09ddac6d4cde.1488228427.git.joe@perches.com
Signed-off-by: Joe Perches <joe@perches.com>
Acked-by: Kees Cook <keescook@chromium.org>
Acked-by: William Roberts <william.c.roberts@intel.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'scripts')
| -rwxr-xr-x | scripts/checkpatch.pl | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl index 30eeba4f1602..732bb3e2fe9a 100755 --- a/scripts/checkpatch.pl +++ b/scripts/checkpatch.pl | |||
| @@ -5663,6 +5663,32 @@ sub process { | |||
| 5663 | } | 5663 | } |
| 5664 | } | 5664 | } |
| 5665 | 5665 | ||
| 5666 | # check for vsprintf extension %p<foo> misuses | ||
| 5667 | if ($^V && $^V ge 5.10.0 && | ||
| 5668 | defined $stat && | ||
| 5669 | $stat =~ /^\+(?![^\{]*\{\s*).*\b(\w+)\s*\(.*$String\s*,/s && | ||
| 5670 | $1 !~ /^_*volatile_*$/) { | ||
| 5671 | my $bad_extension = ""; | ||
| 5672 | my $lc = $stat =~ tr@\n@@; | ||
| 5673 | $lc = $lc + $linenr; | ||
| 5674 | for (my $count = $linenr; $count <= $lc; $count++) { | ||
| 5675 | my $fmt = get_quoted_string($lines[$count - 1], raw_line($count, 0)); | ||
| 5676 | $fmt =~ s/%%//g; | ||
| 5677 | if ($fmt =~ /(\%[\*\d\.]*p(?![\WFfSsBKRraEhMmIiUDdgVCbGN]).)/) { | ||
| 5678 | $bad_extension = $1; | ||
| 5679 | last; | ||
| 5680 | } | ||
| 5681 | } | ||
| 5682 | if ($bad_extension ne "") { | ||
| 5683 | my $stat_real = raw_line($linenr, 0); | ||
| 5684 | for (my $count = $linenr + 1; $count <= $lc; $count++) { | ||
| 5685 | $stat_real = $stat_real . "\n" . raw_line($count, 0); | ||
| 5686 | } | ||
| 5687 | WARN("VSPRINTF_POINTER_EXTENSION", | ||
| 5688 | "Invalid vsprintf pointer extension '$bad_extension'\n" . "$here\n$stat_real\n"); | ||
| 5689 | } | ||
| 5690 | } | ||
| 5691 | |||
| 5666 | # Check for misused memsets | 5692 | # Check for misused memsets |
| 5667 | if ($^V && $^V ge 5.10.0 && | 5693 | if ($^V && $^V ge 5.10.0 && |
| 5668 | defined $stat && | 5694 | defined $stat && |