Searched hist:"399368 aa" (Results 1 – 3 of 3) sorted by relevance
/openbmc/linux/drivers/gpu/drm/rockchip/ |
H A D | rockchip_drm_drv.c | 399368aa Fri Dec 11 04:20:27 CST 2015 Nicolas Iooss <nicolas.iooss_linux@m4x.org> drm: make drm_dev_set_unique() not use a format string
drm_dev_set_unique() uses a format string to define the unique name of a device. This feature is not used as currently all the calls to this function either use "%s" as a format string or directly use dev_name().
Even though this second kind of call does not introduce security problems, because there cannot be "%" characters in dev_name() results, gcc issues a warning when building with -Wformat-security flag ("warning: format string is not a string literal (potentially insecure)"). This warning is useful to find real bugs like the one fixed by commit 3958b79266b1 ("configfs: fix kernel infoleak through user-controlled format string"). False positives which do not bring an extra value make the work of finding real bugs harder.
Therefore remove the format-string feature from drm_dev_set_unique().
Signed-off-by: Nicolas Iooss <nicolas.iooss_linux@m4x.org> Link: http://patchwork.freedesktop.org/patch/msgid/1449829228-4425-1-git-send-email-nicolas.iooss_linux@m4x.org Signed-off-by: Daniel Vetter <daniel.vetter@ffwll.ch> 399368aa Fri Dec 11 04:20:27 CST 2015 Nicolas Iooss <nicolas.iooss_linux@m4x.org> drm: make drm_dev_set_unique() not use a format string drm_dev_set_unique() uses a format string to define the unique name of a device. This feature is not used as currently all the calls to this function either use "%s" as a format string or directly use dev_name(). Even though this second kind of call does not introduce security problems, because there cannot be "%" characters in dev_name() results, gcc issues a warning when building with -Wformat-security flag ("warning: format string is not a string literal (potentially insecure)"). This warning is useful to find real bugs like the one fixed by commit 3958b79266b1 ("configfs: fix kernel infoleak through user-controlled format string"). False positives which do not bring an extra value make the work of finding real bugs harder. Therefore remove the format-string feature from drm_dev_set_unique(). Signed-off-by: Nicolas Iooss <nicolas.iooss_linux@m4x.org> Link: http://patchwork.freedesktop.org/patch/msgid/1449829228-4425-1-git-send-email-nicolas.iooss_linux@m4x.org Signed-off-by: Daniel Vetter <daniel.vetter@ffwll.ch>
|
/openbmc/linux/drivers/gpu/drm/nouveau/ |
H A D | nouveau_drm.c | 399368aa Fri Dec 11 04:20:27 CST 2015 Nicolas Iooss <nicolas.iooss_linux@m4x.org> drm: make drm_dev_set_unique() not use a format string
drm_dev_set_unique() uses a format string to define the unique name of a device. This feature is not used as currently all the calls to this function either use "%s" as a format string or directly use dev_name().
Even though this second kind of call does not introduce security problems, because there cannot be "%" characters in dev_name() results, gcc issues a warning when building with -Wformat-security flag ("warning: format string is not a string literal (potentially insecure)"). This warning is useful to find real bugs like the one fixed by commit 3958b79266b1 ("configfs: fix kernel infoleak through user-controlled format string"). False positives which do not bring an extra value make the work of finding real bugs harder.
Therefore remove the format-string feature from drm_dev_set_unique().
Signed-off-by: Nicolas Iooss <nicolas.iooss_linux@m4x.org> Link: http://patchwork.freedesktop.org/patch/msgid/1449829228-4425-1-git-send-email-nicolas.iooss_linux@m4x.org Signed-off-by: Daniel Vetter <daniel.vetter@ffwll.ch> 399368aa Fri Dec 11 04:20:27 CST 2015 Nicolas Iooss <nicolas.iooss_linux@m4x.org> drm: make drm_dev_set_unique() not use a format string drm_dev_set_unique() uses a format string to define the unique name of a device. This feature is not used as currently all the calls to this function either use "%s" as a format string or directly use dev_name(). Even though this second kind of call does not introduce security problems, because there cannot be "%" characters in dev_name() results, gcc issues a warning when building with -Wformat-security flag ("warning: format string is not a string literal (potentially insecure)"). This warning is useful to find real bugs like the one fixed by commit 3958b79266b1 ("configfs: fix kernel infoleak through user-controlled format string"). False positives which do not bring an extra value make the work of finding real bugs harder. Therefore remove the format-string feature from drm_dev_set_unique(). Signed-off-by: Nicolas Iooss <nicolas.iooss_linux@m4x.org> Link: http://patchwork.freedesktop.org/patch/msgid/1449829228-4425-1-git-send-email-nicolas.iooss_linux@m4x.org Signed-off-by: Daniel Vetter <daniel.vetter@ffwll.ch>
|
/openbmc/linux/drivers/gpu/drm/ |
H A D | drm_drv.c | 399368aa Fri Dec 11 04:20:27 CST 2015 Nicolas Iooss <nicolas.iooss_linux@m4x.org> drm: make drm_dev_set_unique() not use a format string
drm_dev_set_unique() uses a format string to define the unique name of a device. This feature is not used as currently all the calls to this function either use "%s" as a format string or directly use dev_name().
Even though this second kind of call does not introduce security problems, because there cannot be "%" characters in dev_name() results, gcc issues a warning when building with -Wformat-security flag ("warning: format string is not a string literal (potentially insecure)"). This warning is useful to find real bugs like the one fixed by commit 3958b79266b1 ("configfs: fix kernel infoleak through user-controlled format string"). False positives which do not bring an extra value make the work of finding real bugs harder.
Therefore remove the format-string feature from drm_dev_set_unique().
Signed-off-by: Nicolas Iooss <nicolas.iooss_linux@m4x.org> Link: http://patchwork.freedesktop.org/patch/msgid/1449829228-4425-1-git-send-email-nicolas.iooss_linux@m4x.org Signed-off-by: Daniel Vetter <daniel.vetter@ffwll.ch> 399368aa Fri Dec 11 04:20:27 CST 2015 Nicolas Iooss <nicolas.iooss_linux@m4x.org> drm: make drm_dev_set_unique() not use a format string drm_dev_set_unique() uses a format string to define the unique name of a device. This feature is not used as currently all the calls to this function either use "%s" as a format string or directly use dev_name(). Even though this second kind of call does not introduce security problems, because there cannot be "%" characters in dev_name() results, gcc issues a warning when building with -Wformat-security flag ("warning: format string is not a string literal (potentially insecure)"). This warning is useful to find real bugs like the one fixed by commit 3958b79266b1 ("configfs: fix kernel infoleak through user-controlled format string"). False positives which do not bring an extra value make the work of finding real bugs harder. Therefore remove the format-string feature from drm_dev_set_unique(). Signed-off-by: Nicolas Iooss <nicolas.iooss_linux@m4x.org> Link: http://patchwork.freedesktop.org/patch/msgid/1449829228-4425-1-git-send-email-nicolas.iooss_linux@m4x.org Signed-off-by: Daniel Vetter <daniel.vetter@ffwll.ch>
|