Received: by 2002:a05:6a10:f347:0:0:0:0 with SMTP id d7csp677326pxu;
        Wed, 6 Jan 2021 01:04:06 -0800 (PST)
X-Google-Smtp-Source: ABdhPJxSPDXz+QcVchST80DiHTod9hSJMtwwVkEjTRgAZgLrB/qSPL9+SZYsWGqUcqy7f/niGDZ3
X-Received: by 2002:a17:906:71ca:: with SMTP id i10mr2100279ejk.528.1609923846051;
        Wed, 06 Jan 2021 01:04:06 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1609923846; cv=none;
        d=google.com; s=arc-20160816;
        b=AzRkuerPyfJhgl/0M2QiAL09H0ZfRIwzXPUqA+Y4DhzaBtiNpYgyr3NLxwLA9ab0Y7
         byrpTe9uvjXTHf5DN0yXsPWXbo9s1Ii54l7zd36WbVCmAzRz2PXsfD2a2bMYTQBMVTbZ
         7nhr0QnMk0cidvWWzPetCqcHQjFsWJtQd6l1SibLklbe7wE094O9FK71YBVvj1H5H2gW
         BpFw719LEMjtAuK3IOAp4olwJN5orKpEkqq9RYUppK55b4dPn/gd24BlCu3HeWMAe7nX
         lOluERxCr6pitbQsNHeMUUxG4L2JYF8w4H3CzYkPDuPNDwuhllMCoN21cInsbAYTElIr
         Lw/Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :user-agent:references:in-reply-to:date:cc:to:from:subject
         :message-id;
        bh=AV3beXi6eFBP7x1l1dTmDYZoxdbo/iCMawi4x44aY2Q=;
        b=gvvp9M9OnkXpjdvtTjcv+EyyFWMUj8IkD7lh9lB7ReMhvhtEt341TBJ2RsiKs4l64U
         Lkyb9otcbQOhyp8Yr8JyQlfxxpoM/ItbIAiQaJgtE4CE/LXTOBamnPoTay4N02SNnLvS
         QhRjnceAzVWYJk4mH6MOniqkaMOX7RFCm9SCNin3oVx0R9iK1QNNDODqKA48zZy9o6ck
         /L1I7qiTxNqwxnb9m2V6DQllALQVG4+SOcQxpQZEwKGvUGinV6/0gushIygRx48Q5aBu
         hVILLa83WG2B9cAY35DnPWdQdrRXcRTVihKfGcix+cNnOVg8vc1XWaNQXw35ggTNK85k
         ESDA==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id 7si681777edw.324.2021.01.06.01.03.42;
        Wed, 06 Jan 2021 01:04:06 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1726157AbhAFJCW (ORCPT
        <rfc822;linuxmailingsubscription@gmail.com> + 99 others);
        Wed, 6 Jan 2021 04:02:22 -0500
Received: from smtprelay0014.hostedemail.com ([216.40.44.14]:57342 "EHLO
        smtprelay.hostedemail.com" rhost-flags-OK-OK-OK-FAIL)
        by vger.kernel.org with ESMTP id S1726076AbhAFJCW (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 6 Jan 2021 04:02:22 -0500
Received: from filter.hostedemail.com (clb03-v110.bra.tucows.net [216.40.38.60])
        by smtprelay05.hostedemail.com (Postfix) with ESMTP id 2625918037C58;
        Wed,  6 Jan 2021 09:01:41 +0000 (UTC)
X-Session-Marker: 6A6F6540706572636865732E636F6D
X-Spam-Summary: 2,0,0,,d41d8cd98f00b204,joe@perches.com,,RULES_HIT:41:355:379:599:973:988:989:1260:1261:1277:1311:1313:1314:1345:1359:1437:1515:1516:1518:1534:1540:1593:1594:1711:1730:1747:1777:1792:2393:2559:2562:2828:2892:3138:3139:3140:3141:3142:3352:3622:3865:3866:3867:3868:3870:3871:3872:4250:4321:4384:4605:5007:7652:10004:10400:10848:11232:11658:11914:12296:12297:12740:12760:12895:13069:13311:13357:13439:14659:14721:21080:21627:21990:30029:30034:30054:30075:30091,0,RBL:none,CacheIP:none,Bayesian:0.5,0.5,0.5,Netcheck:none,DomainCache:0,MSF:not bulk,SPF:,MSBL:0,DNSBL:none,Custom_rules:0:0:0,LFtime:1,LUA_SUMMARY:none
X-HE-Tag: duck79_510625a274e0
X-Filterd-Recvd-Size: 1842
Received: from [192.168.1.159] (unknown [47.151.137.21])
        (Authenticated sender: joe@perches.com)
        by omf20.hostedemail.com (Postfix) with ESMTPA;
        Wed,  6 Jan 2021 09:01:39 +0000 (UTC)
Message-ID: <2d5f6ffcf47ec4675cde21ff52fc70a9dd13b023.camel@perches.com>
Subject: Re: [PATCH] thinkpad_acpi: fix: use scnprintf instead of snprintf.
From:   Joe Perches <joe@perches.com>
To:     YANG LI <abaci-bugfix@linux.alibaba.com>, hdegoede@redhat.com
Cc:     mgross@linux.intel.com, ibm-acpi@hmh.eng.br,
        ibm-acpi-devel@lists.sourceforge.net,
        platform-driver-x86@vger.kernel.org, linux-kernel@vger.kernel.org
Date:   Wed, 06 Jan 2021 01:01:37 -0800
In-Reply-To: <1609914976-28113-1-git-send-email-abaci-bugfix@linux.alibaba.com>
References: <1609914976-28113-1-git-send-email-abaci-bugfix@linux.alibaba.com>
Content-Type: text/plain; charset="ISO-8859-1"
User-Agent: Evolution 3.38.1-1 
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Wed, 2021-01-06 at 14:36 +0800, YANG LI wrote:
> The snprintf() function returns the number of characters which would
> have been printed if there were enough space, but the scnprintf()
> returns the number of characters which were actually printed. If the
> buffer is not large enough, then using snprintf() would result in a
> read overflow and an information leak. This error was found with the
> help of coccicheck.

In all cases, the buffer _is_ large enough.

tmpi is length 5 and ok.
include/sound/core.h:   char shortname[32];             /* short name of this soundcard */
include/sound/core.h:   char longname[80];              /* name of this soundcard */
include/sound/core.h:   char mixername[80];             /* mixer name */

_show function lengths are OK for all the uses with PAGE_SIZE.
And it's probably better to use sysfs_emit for all the _show functions