From: Wei Liu <wei.liu2@citrix.com>
To: Andrew Cooper <andrew.cooper3@citrix.com>
Cc: xen-devel@lists.xenproject.org, Wei Liu <wei.liu2@citrix.com>,
Ian Jackson <ian.jackson@eu.citrix.com>,
Roger Pau Monne <roger.pau@citrix.com>
Subject: Re: [PATCH v2 for-4.7 10/14] libxl: add the printf-like attributes to a couple of functions
Date: Tue, 26 Apr 2016 17:00:03 +0100 [thread overview]
Message-ID: <20160426160003.GY20763@citrix.com> (raw)
In-Reply-To: <571F899C.9060807@citrix.com>
On Tue, Apr 26, 2016 at 04:30:36PM +0100, Andrew Cooper wrote:
> On 26/04/16 16:29, Wei Liu wrote:
> > On Tue, Apr 26, 2016 at 04:52:19PM +0200, Roger Pau Monne wrote:
> > [...]
> >> @@ -1995,9 +1995,10 @@ _hidden libxl__json_object *libxl__json_parse(libxl__gc *gc_opt, const char *s);
> >> _hidden int libxl__device_model_version_running(libxl__gc *gc, uint32_t domid);
> >> /* Return the system-wide default device model */
> >> _hidden libxl_device_model_version libxl__default_device_model(libxl__gc *gc);
> >> -_hidden char *libxl__device_model_xs_path(libxl__gc *gc, uint32_t dm_domid,
> >> - uint32_t domid,
> >> - const char *format, ...) PRINTF_ATTRIBUTE(4, 5);
> > Why does this not work with clang?
>
> It is a security consideration.
>
> Passing anything other than a string literal to a printf-style function
> is opening a can of worms if an untrusted entity can influence the
> content of the string.
>
I see. I didn't look closely into the function body.
> I guess clang is better at spotting parameters passed like this than GCC.
>
Sigh. I can't say I like turning that into a macro though. On the other
hand there doesn't seem to be an elegant way of solving that.
Roger, please at least make it look like a macro. Say, name it
DEVICE_MODEL_XS_PATH or something.
Wei.
> ~Andrew
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
next prev parent reply other threads:[~2016-04-26 15:59 UTC|newest]
Thread overview: 58+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-04-26 14:52 [PATCH v2 for-4.7 00/14] Fixes for compiling with clang Roger Pau Monne
2016-04-26 14:52 ` [PATCH v2 for-4.7 01/14] build: make HOSTCC conditional on the value of clang Roger Pau Monne
2016-04-26 15:01 ` Andrew Cooper
2016-04-26 15:05 ` Doug Goldstein
2016-04-26 14:52 ` [PATCH v2 for-4.7 02/14] build: set HOSTCXX based on clang value for Kconfig xconfig target Roger Pau Monne
2016-04-26 15:01 ` Andrew Cooper
2016-04-26 15:05 ` Doug Goldstein
2016-04-26 14:52 ` [PATCH v2 for-4.7 03/14] build: pass HOST{CC/CXX} value down to Kconfig Roger Pau Monne
2016-04-26 15:02 ` Andrew Cooper
2016-04-26 15:07 ` Doug Goldstein
2016-04-26 14:52 ` [PATCH v2 for-4.7 04/14] build: remove Kconfig forced gcc selection Roger Pau Monne
2016-04-26 14:56 ` Doug Goldstein
2016-04-26 15:03 ` Andrew Cooper
2016-04-26 14:52 ` [PATCH v2 for-4.7 05/14] tools/headers: prevent adding two __align8__ to uint64_t in ARM headers Roger Pau Monne
2016-04-26 15:08 ` Andrew Cooper
2016-04-26 15:15 ` Doug Goldstein
2016-04-26 15:17 ` Wei Liu
2016-04-26 14:52 ` [PATCH v2 for-4.7 06/14] xen/tools: fix substitution of __align8__ uint64_t inside of headers Roger Pau Monne
2016-04-26 15:11 ` Andrew Cooper
2016-04-26 15:15 ` Doug Goldstein
2016-04-26 15:17 ` Wei Liu
2016-04-26 14:52 ` [PATCH v2 for-4.7 07/14] libxc: fix uninitialized variable Roger Pau Monne
2016-04-26 15:16 ` Wei Liu
2016-04-27 8:57 ` Roger Pau Monne
2016-04-27 9:06 ` Andrew Cooper
2016-04-27 10:03 ` Wei Liu
2016-04-26 14:52 ` [PATCH v2 for-4.7 08/14] libxl: fix shutdown_reason type in list_domains Roger Pau Monne
2016-04-26 15:17 ` Wei Liu
2016-04-26 15:19 ` Doug Goldstein
2016-04-26 14:52 ` [PATCH v2 for-4.7 09/14] xl: fix usage of libxl_get_scheduler Roger Pau Monne
2016-04-26 15:21 ` Doug Goldstein
2016-04-26 15:24 ` Wei Liu
2016-04-26 14:52 ` [PATCH v2 for-4.7 10/14] libxl: add the printf-like attributes to a couple of functions Roger Pau Monne
2016-04-26 15:29 ` Wei Liu
2016-04-26 15:30 ` Andrew Cooper
2016-04-26 16:00 ` Wei Liu [this message]
2016-04-28 17:26 ` Ian Jackson
2016-04-28 17:29 ` Wei Liu
2016-04-26 14:52 ` [PATCH v2 for-4.7 11/14] libxl: add explicit casts from yajl_gen_status to yajl_status Roger Pau Monne
2016-04-26 15:08 ` Wei Liu
2016-04-26 14:52 ` [PATCH v2 for-4.7 12/14] libxl: fix passing the type argument to xc_psr_* Roger Pau Monne
2016-04-26 15:37 ` Wei Liu
2016-04-28 17:29 ` Ian Jackson
2016-04-28 20:49 ` Wei Liu
2016-04-29 7:39 ` Roger Pau Monne
2016-05-18 14:45 ` [PATCH v2 for-4.7 12/14] libxl: fix passing the type argument to xc_psr_* [and 1 more messages] Ian Jackson
2016-05-18 14:54 ` Wei Liu
2016-04-26 14:52 ` [PATCH v2 for-4.7 13/14] oxenstored: fix error when shifting negative value Roger Pau Monne
2016-04-26 15:35 ` Wei Liu
2016-04-26 15:37 ` Andrew Cooper
2016-04-26 15:43 ` Wei Liu
2016-04-26 15:43 ` Andrew Cooper
2016-04-26 14:52 ` [PATCH v2 for-4.7 14/14] tools/python: corrently use LDFLAGS and CFLAGS Roger Pau Monne
2016-04-26 15:04 ` Doug Goldstein
2016-04-26 15:35 ` Wei Liu
2016-04-26 16:12 ` [PATCH v2 for-4.7 00/14] Fixes for compiling with clang Wei Liu
2016-04-26 17:20 ` Doug Goldstein
2016-04-27 10:09 ` Wei Liu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160426160003.GY20763@citrix.com \
--to=wei.liu2@citrix.com \
--cc=andrew.cooper3@citrix.com \
--cc=ian.jackson@eu.citrix.com \
--cc=roger.pau@citrix.com \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.