Re: [PATCH] checkpatch: add warning on %pk instead of %pK usage

Joe Perches Fri, 10 Feb 2017 19:24:07 -0800

On Sat, 2017-02-11 at 01:32 +0000, Roberts, William C wrote:
> <snip>
> > > By "normal" I'm referring to things that call into pointer(), just
> > > casually looking I see bstr_printf vsnprintf kvasprintf, which would
> > > be easy enough to add
> > > 
> > > > What do you think is missing?  sn?printf ? That's easy to add.
> > > 
> > > The problem starts to get hairy when we think of how often folks roll
> > > their own logging macros (see some small sampling at the end).
> > > 
> > > I think we would want to add DEBUG DBG and sn?printf and maybe
> > > consider dropping the \b on the regex so it's a bit more matchy but
> > > still shouldn't end up matching on any ASM as you pointed out in the V2 
> > > nack.
> > > 
> > > Ill break this down into:
> > > 1. the patch as I know you'll take it, as you wrote it :-P 2. Adding
> > > to the logging macros 3. exploring making it less matchy
> 
> -Kees and Andrew they likely don't care about the rest of this...
> 
> I have been working up a regex (I suck at these) to match C functions that 
> have an invalid
> %p format string and take arguments:
> http://www.regexr.com/3f92k
> 
> This could be a way to get better coverage in a more generic approach, 
> thoughts?


Maybe this: (attached too because Evolution is a bad email client)

It's still kind of hacky, but it does find multiple line
statements like:

+               printf(KERN_INFO
+                      "a %pX",
+                      foo);

---
Subject: [PATCH] checkpatch: Add ability to find bad uses of vsprintf %p 
extensions

%pK was at least once misused at %pk in an out-of-tree module.
This lead to some security concerns.  Add the ability to track
single and multiple line statements for misuses of %p.

Signed-off-by: Joe Perches 
---
 scripts/checkpatch.pl | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)

diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl
index ad5ea5c545b2..0eaf6b8580d6 100755
--- a/scripts/checkpatch.pl
+++ b/scripts/checkpatch.pl
@@ -5676,6 +5676,32 @@ sub process {
                        }
                }
 
+               # check for vsprintf extension %p misuses
+               if ($^V && $^V ge 5.10.0 &&
+                   defined $stat &&
+                   $stat =~ /^\+(?![^\{]*\{\s*).*\b(\w+)\s*\(.*$String\s*,/s &&
+                   $1 !~ /^_*volatile_*$/) {
+                       my $bad_extension = "";
+                       my $lc = $stat =~ tr@\n@@;
+                       $lc = $lc + $linenr;
+                       for (my $count = $linenr; $count <= $lc; $count++) {
+                               my $fmt = get_quoted_string($lines[$count - 1], 
raw_line($count, 0));
+                               $fmt =~ s/%%//g;
+                               if ($fmt =~ 
/(\%[\*\d\.]*p(?![\WFfSsBKRraEhMmIiUDdgVCbGN]).)/) {
+                                       $bad_extension = $1;
+                                       last;
+                               }
+                       }
+                       if ($bad_extension ne "") {
+                               my $stat_real = raw_line($linenr, 0);
+                               for (my $count = $linenr + 1; $count <= $lc; 
$count++) {
+                                       $stat_real = $stat_real . "\n" . 
raw_line($count, 0);
+                               }
+                               WARN("VSPRINTF_POINTER_EXTENSION",
+                                    "Invalid vsprintf pointer extension 
'$bad_extension'\n" . "$here\n$stat_real\n");
+                       }
+               }
+
 # Check for misused memsets
                if ($^V && $^V ge 5.10.0 &&
                    defined $stat &&
--

From 3bd6868711efeb587c5c48e060c415a150fccaca Mon Sep 17 00:00:00 2001
Message-Id: <3bd6868711efeb587c5c48e060c415a150fccaca.1486783224.git....@perches.com>
From: Joe Perches <j...@perches.com>
Date: Fri, 10 Feb 2017 19:17:42 -0800
Subject: [PATCH] checkpatch: Add ability to find bad uses of vsprintf %p<foo>
 extensions

%pK was at least once misused at %pk in an out-of-tree module.
This lead to some security concerns.  Add the ability to track
single and multiple line statements for misuses of %p<foo>.

Signed-off-by: Joe Perches <j...@perches.com>
---
 scripts/checkpatch.pl | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)

diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl
index ad5ea5c545b2..0eaf6b8580d6 100755
--- a/scripts/checkpatch.pl
+++ b/scripts/checkpatch.pl
@@ -5676,7 +5676,32 @@ sub process {
 			}
 		}
 
+		# check for vsprintf extension %p<foo> misuses
+		if ($^V && $^V ge 5.10.0 &&
+		    defined $stat &&
+		    $stat =~ /^\+(?![^\{]*\{\s*).*\b(\w+)\s*\(.*$String\s*,/s &&
+		    $1 !~ /^_*volatile_*$/) {
+			my $bad_extension = "";
+			my $lc = $stat =~ tr@\n@@;
+			$lc = $lc + $linenr;
+		        for (my $count = $linenr; $count <= $lc; $count++) {
+				my $fmt = get_quoted_string($lines[$count - 1], raw_line($count, 0));
+				$fmt =~ s/%%//g;
+				if ($fmt =~ /(\%[\*\d\.]*p(?![\WFfSsBKRraEhMmIiUDdgVCbGN]).)/) {
+					$bad_extension = $1;
+					last;
+				}
+			}
+			if ($bad_extension ne "") {
+				my $stat_real = raw_line($linenr, 0);
+				for (my $count = $linenr + 1; $count <= $lc; $count++) {
+					$stat_real = $stat_real . "\n" . raw_line($count, 0);
+				}
+				WARN("VSPRINTF_POINTER_EXTENSION",
+				     "Invalid vsprintf pointer extension '$bad_extension'\n" . "$here\n$stat_real\n");
+			}
+		}
+
 # Check for misused memsets
 		if ($^V && $^V ge 5.10.0 &&
 		    defined $stat &&
-- 
2.10.0.rc2.1.g053435c

Re: [PATCH] checkpatch: add warning on %pk instead of %pK usage

Reply via email to