[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v2 for-4.7 10/14] libxl: add the printf-like attributes to a couple of functions

To: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
From: Wei Liu <wei.liu2@xxxxxxxxxx>
Date: Tue, 26 Apr 2016 17:00:03 +0100
Cc: xen-devel@xxxxxxxxxxxxxxxxxxxx, Wei Liu <wei.liu2@xxxxxxxxxx>, Ian Jackson <ian.jackson@xxxxxxxxxxxxx>, Roger Pau Monne <roger.pau@xxxxxxxxxx>
Delivery-date: Tue, 26 Apr 2016 15:59:43 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

On Tue, Apr 26, 2016 at 04:30:36PM +0100, Andrew Cooper wrote:
> On 26/04/16 16:29, Wei Liu wrote:
> > On Tue, Apr 26, 2016 at 04:52:19PM +0200, Roger Pau Monne wrote:
> > [...]
> >> @@ -1995,9 +1995,10 @@ _hidden libxl__json_object 
> >> *libxl__json_parse(libxl__gc *gc_opt, const char *s);
> >>  _hidden int libxl__device_model_version_running(libxl__gc *gc, uint32_t 
> >> domid);
> >>    /* Return the system-wide default device model */
> >>  _hidden libxl_device_model_version libxl__default_device_model(libxl__gc 
> >> *gc);
> >> -_hidden char *libxl__device_model_xs_path(libxl__gc *gc, uint32_t 
> >> dm_domid,
> >> -                                          uint32_t domid,
> >> -                                          const char *format, ...) 
> >> PRINTF_ATTRIBUTE(4, 5);
> > Why does this not work with clang?
> 
> It is a security consideration.
> 
> Passing anything other than a string literal to a printf-style function
> is opening a can of worms if an untrusted entity can influence the
> content of the string.
> 

I see. I didn't look closely into the function body.

> I guess clang is better at spotting parameters passed like this than GCC.
> 

Sigh. I can't say I like turning that into a macro though. On the other
hand there doesn't seem to be an elegant way of solving that.

Roger, please at least make it look like a macro. Say, name it
DEVICE_MODEL_XS_PATH or something.

Wei.

> ~Andrew

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH v2 for-4.7 10/14] libxl: add the printf-like attributes to a couple of functions
  - From: Ian Jackson

References:
- [Xen-devel] [PATCH v2 for-4.7 00/14] Fixes for compiling with clang
  - From: Roger Pau Monne
- [Xen-devel] [PATCH v2 for-4.7 10/14] libxl: add the printf-like attributes to a couple of functions
  - From: Roger Pau Monne
- Re: [Xen-devel] [PATCH v2 for-4.7 10/14] libxl: add the printf-like attributes to a couple of functions
  - From: Wei Liu
- Re: [Xen-devel] [PATCH v2 for-4.7 10/14] libxl: add the printf-like attributes to a couple of functions
  - From: Andrew Cooper

Prev by Date: Re: [Xen-devel] [PATCH v9 17/27] xsplice: Add support for bug frames.
Next by Date: Re: [Xen-devel] [PATCH v9 18/27] xsplice: Add support for exception tables.
Previous by thread: Re: [Xen-devel] [PATCH v2 for-4.7 10/14] libxl: add the printf-like attributes to a couple of functions
Next by thread: Re: [Xen-devel] [PATCH v2 for-4.7 10/14] libxl: add the printf-like attributes to a couple of functions
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.