drivers: avoid parsing names as kthread_run() format strings Calling kthread_run with a single name parameter causes it to be handled as a format string. Many callers are passing potentially dynamic string content, so use "%s" in those cases to avoid any potential accidents. Signed-off-by: Kees Cook <keescook@chromium.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

commit: f170168b9a0b61ea1e647b082b38f605f1d3de3e [log] [tgz]
author: Kees Cook <keescook@chromium.org> Wed Jul 03 15:04:58 2013 -0700
committer: Linus Torvalds <torvalds@linux-foundation.org> Wed Jul 03 16:07:41 2013 -0700
tree: 4381c129ee9af108e368e6c8255df53cbe233257
parent: d8537548c924db3c44afde7646b6e220c7beb79d [diff] [blame]
diff --git a/fs/nfs/nfs4state.c b/fs/nfs/nfs4state.c
index ff10b4a..5541881 100644
--- a/fs/nfs/nfs4state.c
+++ b/fs/nfs/nfs4state.c

@@ -1194,7 +1194,7 @@
 	snprintf(buf, sizeof(buf), "%s-manager",
 			rpc_peeraddr2str(clp->cl_rpcclient, RPC_DISPLAY_ADDR));
 	rcu_read_unlock();
-	task = kthread_run(nfs4_run_state_manager, clp, buf);
+	task = kthread_run(nfs4_run_state_manager, clp, "%s", buf);
 	if (IS_ERR(task)) {
 		printk(KERN_ERR "%s: kthread_run: %ld\n",
 			__func__, PTR_ERR(task));
commit	f170168b9a0b61ea1e647b082b38f605f1d3de3e	[log] [tgz]
author	Kees Cook <keescook@chromium.org>	Wed Jul 03 15:04:58 2013 -0700
committer	Linus Torvalds <torvalds@linux-foundation.org>	Wed Jul 03 16:07:41 2013 -0700
tree	4381c129ee9af108e368e6c8255df53cbe233257
parent	d8537548c924db3c44afde7646b6e220c7beb79d [diff] [blame]