From patchwork Mon Dec 19 13:01:59 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Daniel_P=2E_Berrang=C3=A9?= X-Patchwork-Id: 13076560 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 13AE1C4167B for ; Mon, 19 Dec 2022 13:02:39 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.466032.724855 (Exim 4.92) (envelope-from ) id 1p7Fme-0006Yd-HM; Mon, 19 Dec 2022 13:02:20 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 466032.724855; Mon, 19 Dec 2022 13:02:20 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1p7Fme-0006YW-DB; Mon, 19 Dec 2022 13:02:20 +0000 Received: by outflank-mailman (input) for mailman id 466032; Mon, 19 Dec 2022 13:02:19 +0000 Received: from se1-gles-flk1-in.inumbo.com ([94.247.172.50] helo=se1-gles-flk1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1p7Fmc-0006YQ-Kl for xen-devel@lists.xenproject.org; Mon, 19 Dec 2022 13:02:19 +0000 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by se1-gles-flk1.inumbo.com (Halon) with ESMTPS id 57137575-7f9d-11ed-8fd4-01056ac49cbb; Mon, 19 Dec 2022 14:02:07 +0100 (CET) Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-395-8JV0muoNMwyA4rcqg3b1mQ-1; Mon, 19 Dec 2022 08:02:07 -0500 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.rdu2.redhat.com [10.11.54.7]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id F26F7810BD2; Mon, 19 Dec 2022 13:02:06 +0000 (UTC) Received: from virtlab420.virt.lab.eng.bos.redhat.com (virtlab420.virt.lab.eng.bos.redhat.com [10.19.152.148]) by smtp.corp.redhat.com (Postfix) with ESMTP id 1FEE114152F6; Mon, 19 Dec 2022 13:02:06 +0000 (UTC) X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 57137575-7f9d-11ed-8fd4-01056ac49cbb DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1671454935; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=QVqSB9wB2qrALRQPMZT6ihrQ0/2mf+IxHI35zGJFZFg=; b=cM0IpFyykyiogLFLz6X7DZRdy6Rkqu+QfPQjgUCx9xBbZVTgJoGMx9k5cgZXKboe2dnuyi 56B5U04gKL7sA5azsgFCrSZn1/TTmT5+3wtHdCS2xlZ+f0PKtWRhxtyy1iYhjRmcstV8qd IYpxawX7T5FuH/BeigSXTFOzPlhFhks= X-MC-Unique: 8JV0muoNMwyA4rcqg3b1mQ-1 From: =?utf-8?q?Daniel_P=2E_Berrang=C3=A9?= To: qemu-devel@nongnu.org Cc: "Dr. David Alan Gilbert" , qemu-ppc@nongnu.org, xen-devel@lists.xenproject.org, Laurent Vivier , Markus Armbruster , Daniel Henrique Barboza , virtio-fs@redhat.com, Michael Roth , =?utf-8?q?Alex_Benn=C3=A9e?= , qemu-block@nongnu.org, Peter Maydell , qemu-arm@nongnu.org, Paul Durrant , Anthony Perard , David Gibson , =?utf-8?q?C=C3=A9dric_Le_Goater?= , John Snow , Stefan Hajnoczi , Paolo Bonzini , Stefano Stabellini , Gerd Hoffmann , Greg Kurz , Thomas Huth , =?utf-8?q?Daniel_P=2E_Berrang=C3=A9?= Subject: [PATCH 0/6] enforce use of G_GNUC_PRINTF annotations Date: Mon, 19 Dec 2022 08:01:59 -0500 Message-Id: <20221219130205.687815-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.7 We've been very gradually adding G_GNUC_PRINTF annotations to functions over years. This has been useful in detecting certain malformed printf strings, or cases where we pass user data as the printf format which is a potential security flaw. Given the inherant memory corruption danger in use of format strings vs mis-matched variadic arguments, it is worth applying G_GNUC_PRINTF to all functions using printf, even if we know they are safe. The compilers can reasonably reliably identify such places with the -Wsuggest-attribute=format / -Wmissing-format-attribute flags. This series adds G_GNUC_PRINTF / G_GNUC_SCANF to allow the code locations that the compilers highlight. Then it adds the above warning flags to the build flags, to catch any future additions of functions that take printf/scanf format strings. Daniel P. Berrangé (6): disas: add G_GNUC_PRINTF to gstring_printf hw/xen: use G_GNUC_PRINTF/SCANF for various functions tools/virtiofsd: add G_GNUC_PRINTF for logging functions util/error: add G_GNUC_PRINTF for various functions tests: add G_GNUC_PRINTF for various functions enforce use of G_GNUC_PRINTF attributes configure | 2 ++ disas.c | 1 + hw/xen/xen-bus.c | 1 + hw/xen/xen_pvdev.c | 1 + include/hw/xen/xen-bus-helper.h | 6 ++++-- include/hw/xen/xen-bus.h | 3 ++- tests/qtest/ahci-test.c | 3 +++ tests/qtest/arm-cpu-features.c | 1 + tests/qtest/erst-test.c | 2 +- tests/qtest/ide-test.c | 3 ++- tests/qtest/ivshmem-test.c | 4 ++-- tests/qtest/libqmp.c | 2 +- tests/qtest/libqos/libqos-pc.h | 6 ++++-- tests/qtest/libqos/libqos-spapr.h | 6 ++++-- tests/qtest/libqos/libqos.h | 6 ++++-- tests/qtest/libqos/virtio-9p.c | 1 + tests/qtest/migration-helpers.h | 1 + tests/qtest/rtas-test.c | 2 +- tests/qtest/usb-hcd-uhci-test.c | 4 ++-- tests/unit/test-qmp-cmds.c | 13 +++++++++---- tools/virtiofsd/fuse_log.c | 1 + tools/virtiofsd/fuse_log.h | 6 ++++-- tools/virtiofsd/passthrough_ll.c | 1 + util/error-report.c | 1 + util/error.c | 1 + 25 files changed, 55 insertions(+), 23 deletions(-)