Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 28 Feb 2017 15:34:41 +0000
From: "Roberts, William C" <william.c.roberts@...el.com>
To: Joe Perches <joe@...ches.com>, Andrew Morton <akpm@...ux-foundation.org>,
	Andy Whitcroft <apw@...onical.com>
CC: "kernel-hardening@...ts.openwall.com"
	<kernel-hardening@...ts.openwall.com>, "linux-kernel@...r.kernel.org"
	<linux-kernel@...r.kernel.org>
Subject: RE: [PATCH] checkpatch: Add ability to find bad uses of vsprintf
 %p<foo> extensions



> -----Original Message-----
> From: Joe Perches [mailto:joe@...ches.com]
> Sent: Monday, February 27, 2017 12:55 PM
> To: Andrew Morton <akpm@...ux-foundation.org>; Andy Whitcroft
> <apw@...onical.com>
> Cc: Roberts, William C <william.c.roberts@...el.com>; kernel-
> hardening@...ts.openwall.com; linux-kernel@...r.kernel.org
> Subject: [PATCH] checkpatch: Add ability to find bad uses of vsprintf %p<foo>
> extensions
> 
> %pK was at least once misused at %pk in an out-of-tree module.
> This lead to some security concerns.  Add the ability to track single and multiple
> line statements for misuses of %p<foo>.
> 
> Signed-off-by: Joe Perches <joe@...ches.com>

Acked-By: William Roberts <william.c.roberts@...el.com>

> ---
> 
> Andrew, this has gone back and forth a few times.
> 
> It's imperfect as a patch context with just a single function addition can be
> missed, but that's not new with $stat tests and just this patch.  Perhaps one day
> the $stat identification mechanism can be improved.
> 
> Until then, can you please apply this?  Thanks.
> 
>  scripts/checkpatch.pl | 26 ++++++++++++++++++++++++++
>  1 file changed, 26 insertions(+)
> 
> diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl index
> ad5ea5c545b2..9293b8a1c121 100755
> --- a/scripts/checkpatch.pl
> +++ b/scripts/checkpatch.pl
> @@ -5676,6 +5676,32 @@ sub process {
>  			}
>  		}
> 
> +		# check for vsprintf extension %p<foo> misuses
> +		if ($^V && $^V ge 5.10.0 &&
> +		    defined $stat &&
> +		    $stat =~ /^\+(?![^\{]*\{\s*).*\b(\w+)\s*\(.*$String\s*,/s &&
> +		    $1 !~ /^_*volatile_*$/) {
> +			my $bad_extension = "";
> +			my $lc = $stat =~ tr@\n@@;
> +			$lc = $lc + $linenr;
> +		        for (my $count = $linenr; $count <= $lc; $count++) {
> +				my $fmt = get_quoted_string($lines[$count - 1],
> raw_line($count, 0));
> +				$fmt =~ s/%%//g;
> +				if ($fmt =~
> /(\%[\*\d\.]*p(?![\WFfSsBKRraEhMmIiUDdgVCbGN]).)/) {
> +					$bad_extension = $1;
> +					last;
> +				}
> +			}
> +			if ($bad_extension ne "") {
> +				my $stat_real = raw_line($linenr, 0);
> +				for (my $count = $linenr + 1; $count <= $lc;
> $count++) {
> +					$stat_real = $stat_real . "\n" .
> raw_line($count, 0);
> +				}
> +				WARN("VSPRINTF_POINTER_EXTENSION",
> +				     "Invalid vsprintf pointer extension
> '$bad_extension'\n" . "$here\n$stat_real\n");
> +			}
> +		}
> +
>  # Check for misused memsets
>  		if ($^V && $^V ge 5.10.0 &&
>  		    defined $stat &&
> --
> 2.10.0.rc2.1.g053435c

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.