Received: by 2002:a05:6902:102b:0:0:0:0 with SMTP id x11csp768869ybt; Wed, 17 Jun 2020 13:31:58 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxNlZ2lKpphVRJIIvnJltCO8YHGA0RwyR2UCEEYafWKN4aTJax22TLYoUH5RN49d+UubvcJ X-Received: by 2002:a17:906:c1c4:: with SMTP id bw4mr887563ejb.452.1592425918774; Wed, 17 Jun 2020 13:31:58 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1592425918; cv=none; d=google.com; s=arc-20160816; b=jB8Pyx0ngDfSCvm0X2vi2ZE+GHCtnYZghRop6a6wLI8sxc8KRxSl4AzHe+bcIiCQu1 snr5t5kuLAXf2UFXZmNywhJW3WAyOOfcS7sue1f1fyrPC/VVpzqpYk4qthu0wZWCT44q mOjPsAXqeK3yMbtXwhtWv5b4bnWwQhtLmQOyITbIG644hq63r41N4TA1bAYJ1AWJqNwc OWhEJEx99+xnDoAOQVjCMtl0Vl2fjS68s7jqs5aT0IlFpuA4TcujmJ56z9bLebqsIS1r VHYLwSxuTmOX/+UhNqtfAAg9jhQ4taa68DCy5JJA4av04+BjXoPwc3kPRSZfMS2M3/Or UU0w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:user-agent:references :message-id:in-reply-to:subject:cc:to:from:date; bh=TL88+CJbzOkqSEkCq925LVNQVlS+M0hDMXvyBoaO49U=; b=kXn9CPfhQT42CPif3t/dOCBYwnjffbG6yM9hqbXyLdvTiAD15EasYI06BLCpRl3m3B hGCH4nJl/jJBVPzayubQ4hF/bMzAerm82BXIOBlsij2k2e337JS+uWM8cPFmYZ4hmb6z /DsL2Zw9eH8u51EAGkC6LrhpQDphWYjvcd5fMrOdLAbkkGig4OIYEVwcHP0yaqocGWxh SZCEiG8PXQj/mJ0oKjv/4Mqf6rq7UiLSlNaY0o7lhd7BpQyFZU3gGXQAXry7enR630Gs kaoDC5ECN/3ofbqIQePRcZz3HnbuH9iPpxKBGzB+R4QlAJgh0AAoPgkbaVER+5QPFouJ mwVg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id p6si542105ejb.575.2020.06.17.13.31.35; Wed, 17 Jun 2020 13:31:58 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726857AbgFQU1q (ORCPT + 99 others); Wed, 17 Jun 2020 16:27:46 -0400 Received: from mail2-relais-roc.national.inria.fr ([192.134.164.83]:29098 "EHLO mail2-relais-roc.national.inria.fr" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726758AbgFQU1q (ORCPT ); Wed, 17 Jun 2020 16:27:46 -0400 X-IronPort-AV: E=Sophos;i="5.73,523,1583190000"; d="scan'208";a="455254845" Received: from abo-173-121-68.mrs.modulonet.fr (HELO hadrien) ([85.68.121.173]) by mail2-relais-roc.national.inria.fr with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 17 Jun 2020 22:27:43 +0200 Date: Wed, 17 Jun 2020 22:27:43 +0200 (CEST) From: Julia Lawall X-X-Sender: jll@hadrien To: Denis Efremov cc: linux-kernel@vger.kernel.org, cocci@systeme.lip6.fr Subject: Re: [Cocci] [PATCH] coccinelle: api: add device_attr_show script In-Reply-To: <20200615130242.11825-1-efremov@linux.com> Message-ID: References: <20200615130242.11825-1-efremov@linux.com> User-Agent: Alpine 2.22 (DEB 394 2020-01-19) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, 15 Jun 2020, Denis Efremov wrote: > According to the documentation[1] show() methods of device attributes > should return the number of bytes printed into the buffer. This is > the return value of scnprintf(). show() must not use snprintf() > when formatting the value to be returned to user space. snprintf() > returns the length the resulting string would be, assuming it all > fit into the destination array[2]. scnprintf() return the length of > the string actually created in buf. If one can guarantee that an > overflow will never happen sprintf() can be used otherwise scnprintf(). The semantic patch looks fine. Do you have any accepted patches from this? julia > > [1] Documentation/filesystems/sysfs.txt > [2] "snprintf() confusion" https://lwn.net/Articles/69419/ > > Signed-off-by: Denis Efremov > --- > scripts/coccinelle/api/device_attr_show.cocci | 55 +++++++++++++++++++ > 1 file changed, 55 insertions(+) > create mode 100644 scripts/coccinelle/api/device_attr_show.cocci > > diff --git a/scripts/coccinelle/api/device_attr_show.cocci b/scripts/coccinelle/api/device_attr_show.cocci > new file mode 100644 > index 000000000000..d8ec4bb8ac41 > --- /dev/null > +++ b/scripts/coccinelle/api/device_attr_show.cocci > @@ -0,0 +1,55 @@ > +// SPDX-License-Identifier: GPL-2.0-only > +/// > +/// From Documentation/filesystems/sysfs.txt: > +/// show() must not use snprintf() when formatting the value to be > +/// returned to user space. If you can guarantee that an overflow > +/// will never happen you can use sprintf() otherwise you must use > +/// scnprintf(). > +/// > +// Confidence: High > +// Copyright: (C) 2020 Denis Efremov ISPRAS > +// Options: --no-includes --include-headers > +// > + > +virtual report > +virtual org > +virtual context > +virtual patch > + > +@r depends on !patch@ > +identifier show, dev, attr, buf; > +position p; > +@@ > + > +ssize_t show(struct device *dev, struct device_attribute *attr, char *buf) > +{ > + <... > +* return snprintf@p(...); > + ...> > +} > + > +@rp depends on patch@ > +identifier show, dev, attr, buf; > +@@ > + > +ssize_t show(struct device *dev, struct device_attribute *attr, char *buf) > +{ > + <... > + return > +- snprintf > ++ scnprintf > + (...); > + ...> > +} > + > +@script: python depends on report@ > +p << r.p; > +@@ > + > +coccilib.report.print_report(p[0], "WARNING: use scnprintf or sprintf") > + > +@script: python depends on org@ > +p << r.p; > +@@ > + > +coccilib.org.print_todo(p[0], "WARNING: use scnprintf or sprintf") > -- > 2.26.2 > > _______________________________________________ > Cocci mailing list > Cocci@systeme.lip6.fr > https://systeme.lip6.fr/mailman/listinfo/cocci >