Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 7 Dec 2016 16:54:14 +0100
From: Nicolas Iooss <>
Subject: Re: Picking "Write a plugin to do format string
 warnings correctly"

On Wed, Dec 7, 2016 at 12:21 AM, Ruslan Kuprieiev <>

> Hi!
> After watching a bunch of talks from Kees about security, I've finally
> decided to
> try to participate in KSPP.
> If it's not taken, I would like to start with this task:
>      Write a plugin to do format string warnings correctly (gcc's
> -Wformat-security is bad about const strings)
> Unfortunately, I wasn't able to find any details about this task. Could
> someone provide some info about it, please?

I do not know either what this task is about. Nevertheless I started
writing a plugin to check the %p... format strings in the kernel by
implementing a white-list of types associated to a format (eg. %pd used
with "struct dentry*", %pIS with a sockaddr pointer, etc.). This
work-in-progress plugin is available on
and I have used it to find bugs like the one fixed in

The main reason why my plugin is still "work-in-progress / not ready for
proper submission" is that it does not support casts well. For example if p
is a void* variable, my plugin sees printk("%s", (char *)p) as using %s on
a void*. I have not yet found how I need to modify the plugin to get the
type-casting information (I may need to specify a suitable gcc pass in the

Anyway, as this seems to be something different from "gcc's
-Wformat-security is bad about const strings", the task may be about
something else.

On a related subject, I have also written some patches in order to
automatically silent -Wformat-security warnings when using a variable as a
format string. For example some code in the kernel like to call
request_module(module_name) where module_name is a non-const variable.
Instead of "fixing" such a call with request_module("%s", module_name) I am
working on two patches which define macros to make
request_module(module_name) call a function which does not use a format
string parameter (
Would such patches be appreciated in the kernel?


Content of type "text/html" skipped

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.