On 2018-02-21 01:02, Andrew Morton wrote: > On Sat, 17 Feb 2018 16:06:42 +0200 Andy Shevchenko > <andy.shevche...@gmail.com> wrote: > >> On Sat, Feb 17, 2018 at 9:20 AM, Alexey Dobriyan <adobri...@gmail.com> wrote: >>> Signed-off-by: Alexey Dobriyan <adobri...@gmail.com> >> >> >>> - seq_printf(m, "%s", symname); >>> + seq_puts(m, symname); >> >> While this might have no security concerns, the pattern might be >> brainlessly used by some janitors and there would have security >> implications. > > And I'd like to see a changelog, please. One which explains why > `symname' cannot have a %s (etc) in it, and never will.
OK, since #youtoo: It doesn't _matter_ if symname is "%pHAHAHA %fooled you <unicode for evil grin emoji>", seq_puts does not interpret it at all. There are _never_ security implications with the above replacement. Sure, seq_printf(m, symname) would be bad, but that's not what is being done. AFAICT, this should always lead to slightly smaller code (one less parameter passed) and in all likelyhood also slightly faster (no format interpretation, no slow char-by-char handling by the string() function etc.). So the only case where I'd think this should not necessarily be done would be in a long sequence of seq_printf, where only one or two could be replaced by seq_puts/seq_putc. Rasmus
