[PATCH 0/4] os/log: fixes for timestamps and malicious devices

Julien Cristau jcristau at debian.org
Mon May 28 04:10:16 PDT 2012


On Wed, Apr 18, 2012 at 17:51:49 +0800, Daniel Kurtz wrote:

> Input drivers like to prepend the device name to logging messages using
> LogVHdrMessageVerb().  The current implementation of this function used the
> output of a snprintf() as the format string of another snprintf().  This is a
> big no-no, as a device name containing format strings could cause "Bad Things"
> to happen.
> 
As far as I can tell this was introduced by
8764782f6de56a9dc5e9d5a8e9fb616a8ddb2f7c (and
40d5a019352fa8f12230c863e11cbb1f6258a93e) in 1.10, and earlier versions
aren't affected by this particular issue with input device names.  Can
you confirm?

Thanks,
Julien
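
The pattern described in the quoted text, as an added example that is not part of the original message or of the X server source: `log_hdr_flawed` and `log_hdr_safe` are hypothetical helpers, the device name is constructed, and the hardened variant is one way to keep the name out of the format string, not necessarily what the patch series does. The name uses only the harmless `%%` sequence, so both calls have defined behaviour while still showing that the flawed variant parses the name as a format.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper reproducing the flawed pattern: the header (device
 * name) is formatted into a buffer that then serves as a format string. */
static int log_hdr_flawed(char *out, size_t n, const char *hdr,
                          const char *msg_fmt, ...)
{
    char fmt[256];
    va_list ap;
    int r;

    snprintf(fmt, sizeof fmt, "%s: %s", hdr, msg_fmt); /* hdr joins the format */
    va_start(ap, msg_fmt);
    r = vsnprintf(out, n, fmt, ap); /* conversions inside hdr are parsed */
    va_end(ap);
    return r;
}

/* Hypothetical hardened helper: the header is only ever a "%s" argument,
 * and the caller's format is expanded separately after it. */
static int log_hdr_safe(char *out, size_t n, const char *hdr,
                        const char *msg_fmt, ...)
{
    va_list ap;
    int len, r;

    len = snprintf(out, n, "%s: ", hdr);
    if (len < 0 || (size_t)len >= n)
        return len; /* error, or header alone filled the buffer */
    va_start(ap, msg_fmt);
    r = vsnprintf(out + len, n - (size_t)len, msg_fmt, ap);
    va_end(ap);
    return r < 0 ? r : len + r;
}

int main(void)
{
    /* Constructed device name holding the literal characters "%%". */
    const char *name = "Pad 100%%";
    char buf[128];

    log_hdr_flawed(buf, sizeof buf, name, "button %d", 3);
    printf("flawed: %s\n", buf); /* the name's "%%" was consumed as a format */
    log_hdr_safe(buf, sizeof buf, name, "button %d", 3);
    printf("safe:   %s\n", buf); /* the name is logged byte for byte */
    return 0;
}
```

Any difference between the logged name and the name the device reported is the sign that the name passed through a format parser.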

