On Wed, 18 Oct 2017 10:15:59 +1100 "Tobin C. Harding" <m...@tobin.cc> wrote:
> > Does %p[FfSs] leak addresses? Well, I guess it does if they are not > > found in kallsyms, but otherwise you have: > > > > function+0x<offset> > > You are correct %pF and %pS print an offset. Does this provide an attack > vector, > I didn't think so but I'm no security expert. If they do then we need to amend > those calls also. Hopefully not. We changed stack dumps to use them only instead of showing addresses because of the location leak. -- Steve
