| Message ID | 20240816153251.2833702-5-andre.przywara@arm.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | kselftest/arm64: various compilation fixes | expand |
On Fri, Aug 16, 2024 at 04:32:47PM +0100, Andre Przywara wrote: > Using pointers for the format specifier strings in printf-style > functions can create potential security problems, as the number of > arguments to be parsed could vary from call to call. Most compilers > consequently warn about those: > "format not a string literal and no format arguments [-Wformat-security]" > > If we only want to print a constant string, we can just use a fixed "%s" > format instead, and pass the string as an argument. > > Fixes: e9b60476bea0 ("kselftest/arm64: Add utilities and a test to validate mte memory") I'm not sure this qualifies as a fix given that all the strings we're passing in here are trusted... otheriwse this looks good. Reviewed-by: Mark Brown <broonie@kernel.org>
diff --git a/tools/testing/selftests/arm64/mte/mte_common_util.h b/tools/testing/selftests/arm64/mte/mte_common_util.h index 2d3e71724e55c..a0017a303beb2 100644 --- a/tools/testing/selftests/arm64/mte/mte_common_util.h +++ b/tools/testing/selftests/arm64/mte/mte_common_util.h @@ -77,13 +77,13 @@ static inline void evaluate_test(int err, const char *msg) { switch (err) { case KSFT_PASS: - ksft_test_result_pass(msg); + ksft_test_result_pass("%s", msg); break; case KSFT_FAIL: - ksft_test_result_fail(msg); + ksft_test_result_fail("%s", msg); break; case KSFT_SKIP: - ksft_test_result_skip(msg); + ksft_test_result_skip("%s", msg); break; default: ksft_test_result_error("Unknown return code %d from %s",
Using pointers for the format specifier strings in printf-style functions can create potential security problems, as the number of arguments to be parsed could vary from call to call. Most compilers consequently warn about those: "format not a string literal and no format arguments [-Wformat-security]" If we only want to print a constant string, we can just use a fixed "%s" format instead, and pass the string as an argument. Fixes: e9b60476bea0 ("kselftest/arm64: Add utilities and a test to validate mte memory") Signed-off-by: Andre Przywara <andre.przywara@arm.com> --- tools/testing/selftests/arm64/mte/mte_common_util.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-)