diff options
| author | Ed Maste <emaste@FreeBSD.org> | 2020-05-09 15:56:02 +0000 |
|---|---|---|
| committer | Ed Maste <emaste@FreeBSD.org> | 2020-05-09 15:56:02 +0000 |
| commit | 937b352e23839361e7bcbc84d0e180c1c3bb9285 (patch) | |
| tree | 377a80d30913b28642fdb79b22693d5b6396808a | |
| parent | 75c600d2870d2d14fb9b2b97bfb79a41967f9191 (diff) | |
remove %n support from printf(9)
It can be dangerous and there is no need for it in the kernel.
Inspired by Kees Cook's change in Linux, and later OpenBSD.
Reviewed by: cem, gordon, philip
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D24760
Notes
Notes:
svn path=/head/; revision=360849
| -rw-r--r-- | share/man/man9/printf.9 | 8 | ||||
| -rw-r--r-- | sys/kern/subr_prf.c | 18 |
2 files changed, 17 insertions, 9 deletions
diff --git a/share/man/man9/printf.9 b/share/man/man9/printf.9 index 0b4bd826aa5c..1a3640871bd1 100644 --- a/share/man/man9/printf.9 +++ b/share/man/man9/printf.9 @@ -26,7 +26,7 @@ .\" .\" $FreeBSD$ .\" -.Dd November 18, 2015 +.Dd May 9, 2020 .Dt PRINTF 9 .Os .Sh NAME @@ -83,7 +83,7 @@ parameter in the same manner as .Xr printf 3 . However, .Xr printf 9 -adds two other conversion specifiers. +adds two other conversion specifiers and omits one. .Pp The .Cm \&%b @@ -121,6 +121,10 @@ If present, a width directive will specify the number of bytes to display. By default, 16 bytes of data are output. .Pp The +.Cm \&%n +conversion specifier is not supported. +.Pp +The .Fn log function uses .Xr syslog 3 diff --git a/sys/kern/subr_prf.c b/sys/kern/subr_prf.c index 20f8b3ae3e3f..31117c4e3415 100644 --- a/sys/kern/subr_prf.c +++ b/sys/kern/subr_prf.c @@ -775,20 +775,24 @@ reswitch: switch (ch = (u_char)*fmt++) { lflag = 1; goto reswitch; case 'n': + /* + * We do not support %n in kernel, but consume the + * argument. + */ if (jflag) - *(va_arg(ap, intmax_t *)) = retval; + (void)va_arg(ap, intmax_t *); else if (qflag) - *(va_arg(ap, quad_t *)) = retval; + (void)va_arg(ap, quad_t *); else if (lflag) - *(va_arg(ap, long *)) = retval; + (void)va_arg(ap, long *); else if (zflag) - *(va_arg(ap, size_t *)) = retval; + (void)va_arg(ap, size_t *); else if (hflag) - *(va_arg(ap, short *)) = retval; + (void)va_arg(ap, short *); else if (cflag) - *(va_arg(ap, char *)) = retval; + (void)va_arg(ap, char *); else - *(va_arg(ap, int *)) = retval; + (void)va_arg(ap, int *); break; case 'o': base = 8; |