[PATCH 4/8] kselftest/arm64: mte: use string literal for printf-style functions
Mark Brown
broonie at kernel.org
Fri Aug 16 09:26:33 PDT 2024
On Fri, Aug 16, 2024 at 04:32:47PM +0100, Andre Przywara wrote:
> Using pointers for the format specifier strings in printf-style
> functions can create potential security problems, as the number of
> arguments to be parsed could vary from call to call. Most compilers
> consequently warn about those:
> "format not a string literal and no format arguments [-Wformat-security]"
>
> If we only want to print a constant string, we can just use a fixed "%s"
> format instead, and pass the string as an argument.
>
> Fixes: e9b60476bea0 ("kselftest/arm64: Add utilities and a test to validate mte memory")
I'm not sure this qualifies as a fix given that all the strings we're
passing in here are trusted... otheriwse this looks good.
Reviewed-by: Mark Brown <broonie at kernel.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/linux-arm-kernel/attachments/20240816/1309d8b4/attachment.sig>
More information about the linux-arm-kernel
mailing list