[PATCH 0/4] os/log: fixes for timestamps and malicious devices

Daniel Kurtz djkurtz at chromium.org
Wed May 30 11:35:16 PDT 2012


On Mon, May 28, 2012 at 4:10 AM, Julien Cristau <jcristau at debian.org> wrote:
>
> On Wed, Apr 18, 2012 at 17:51:49 +0800, Daniel Kurtz wrote:
>
> > Input drivers like to prepend the device name to logging messages using
> > LogVHdrMessageVerb().  The current implementation of this function used the
> > output of a snprintf() as the format string of another snprintf().  This is a
> > big no-no, as a device name containing format strings could cause "Bad Things"
> > to happen.
> >
> As far as I can tell this was introduced by
> 8764782f6de56a9dc5e9d5a8e9fb616a8ddb2f7c (and
> 40d5a019352fa8f12230c863e11cbb1f6258a93e) in 1.10, and earlier versions
> aren't affected by this particular issue with input device names.  Can
> you confirm?
>
That sounds correct.

>
> Thanks,
> Julien
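
The pattern described in the quoted patch description (the result of one snprintf() reused as the format string of the next), shown beside a hardened form. This is an added example, not code from the thread or from the X server; the function names and the device name in the usage note are hypothetical and constructed for illustration.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical names throughout; this is not the X server's code. */

/* Flawed pattern: the device name is pasted into a buffer that is then
 * used as a format string, so any '%' in the name gets interpreted. */
int log_hdr_unsafe(char *out, size_t size, const char *dev_name,
                   const char *msg_format, ...)
{
    char fmt[256];
    va_list args;
    int n;

    snprintf(fmt, sizeof(fmt), "%s: %s", dev_name, msg_format);
    va_start(args, msg_format);
    n = vsnprintf(out, size, fmt, args);  /* name is now part of the format */
    va_end(args);
    return n;
}

/* Hardened pattern: the name is only ever a "%s" argument; the caller's
 * format is expanded separately and appended after the header. */
int log_hdr_safe(char *out, size_t size, const char *dev_name,
                 const char *msg_format, ...)
{
    va_list args;
    int hdr, body;

    if (size == 0)
        return -1;
    hdr = snprintf(out, size, "%s: ", dev_name);
    if (hdr < 0)
        return -1;
    if ((size_t)hdr >= size)
        return hdr;                       /* header alone was truncated */
    va_start(args, msg_format);
    body = vsnprintf(out + hdr, size - hdr, msg_format, args);
    va_end(args);
    return body < 0 ? -1 : hdr + body;
}
```

With the hardened form, a constructed device name such as `evil %s%s%x` is written to the log literally, and only the caller's own format consumes the variadic arguments.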

