[PATCH 0/4] os/log: fixes for timestamps and malicious devices
djkurtz at chromium.org
Wed May 30 11:35:16 PDT 2012
On Mon, May 28, 2012 at 4:10 AM, Julien Cristau <jcristau at debian.org> wrote:
> On Wed, Apr 18, 2012 at 17:51:49 +0800, Daniel Kurtz wrote:
> > Input drivers like to prepend the device name to logging messages using
> > LogVHdrMessageVerb(). The current implementation of this function used the
> > output of a snprintf() as the format string of another snprintf(). This is a
> > big no-no, as a device name containing format strings could cause "Bad Things"
> > to happen.
> As far as I can tell this was introduced by
> 8764782f6de56a9dc5e9d5a8e9fb616a8ddb2f7c (and
> 40d5a019352fa8f12230c863e11cbb1f6258a93e) in 1.10, and earlier versions
> aren't affected by this particular issue with input device names. Can
> you confirm?
That sounds correct.
More information about the xorg-devel