Received: by 2002:a05:6a10:f3d0:0:0:0:0 with SMTP id a16csp1631778pxv; Sat, 10 Jul 2021 10:05:40 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyS2Okmk19LEIr6fypKV7z1NdFt70AcsZxgCL+PqvgSTsF4lbgyhAlB897xAmZx8QOkpxyr X-Received: by 2002:a5e:970a:: with SMTP id w10mr31791488ioj.46.1625936740210; Sat, 10 Jul 2021 10:05:40 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1625936740; cv=none; d=google.com; s=arc-20160816; b=V5fk+c5q6N6KAFf20a9d8Svdb4X7eiQjRZWVL6MJ++QrtO+FftpxsnqfIZehdO2Xi8 mxpdVq7Yt5aDr7G3dwqg4/J9Qz9ueAQ3Cpj25nj4oBog8Dhb0tdx8hSwjTCQYZ23hSEh bBf/hjsnvmf5KzBfC8WF2916sDyBwdfmTqVvHOLSiSFfxsj2H/unCOB9J3oCN4gBmwSY UOsyrOF1Db3BJFbNk6qGxsZFrSdvfErLUPcSDWzyy6XbvQV9Vm2MQJmQbwitBNMjnd3S 7Nk217w0sram4am/w3e6XNZvG8RgZU8XBmUHMdxFSjszAz0nVMwNGZG8inv8Kg9EGXYh Q+wQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:date:cc:to:from:subject :message-id; bh=HR5Phxv62CNjsdghVceL+RAQ40feHTGOyJZL53lK4xY=; b=GrJl0UixDJaak0TFgtd+2ek/h0yLlrl5RqOJzHCZMwxTCMDiybIT9afHbjsx7zdWMr 2IUthzeT/fiLq8hmRlptWc7pZoSTLhkCcijAudxuzDjYTK8PbqqowKKAXc9+Ed2y/i9y JNMHIFtDuemhq11BJfSjvDs89IDncIUqkxZmJ/5ymNHch/BP8C8DMYH4Bqca4SSLH6Is WPaJPsc273FkoHq89dJoT4UgJyiVqbWh3n/c5Z2NU+JJ1fS96E1DmRAaP5C9o2jjbu4C uryakW+wy9SUZz0lgMhWI83wOh6PtARcRK/W1n+au9hT0/LF9mgkt+0pcyCZimmFb+K5 RI4g== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id u12si11217004ilm.144.2021.07.10.10.05.24; Sat, 10 Jul 2021 10:05:40 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229791AbhGJRHh (ORCPT + 99 others); Sat, 10 Jul 2021 13:07:37 -0400 Received: from smtprelay0137.hostedemail.com ([216.40.44.137]:36890 "EHLO smtprelay.hostedemail.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S229490AbhGJRHh (ORCPT ); Sat, 10 Jul 2021 13:07:37 -0400 Received: from omf06.hostedemail.com (clb03-v110.bra.tucows.net [216.40.38.60]) by smtprelay03.hostedemail.com (Postfix) with ESMTP id 3AF3E837F253; Sat, 10 Jul 2021 17:04:51 +0000 (UTC) Received: from [HIDDEN] (Authenticated sender: joe@perches.com) by omf06.hostedemail.com (Postfix) with ESMTPA id 3852D2448BF; Sat, 10 Jul 2021 17:04:50 +0000 (UTC) Message-ID: <10621e048f62018432c42a3fccc1a5fd9a6d71d7.camel@perches.com> Subject: Re: [PATCH] dax: replace sprintf() by scnprintf() From: Joe Perches To: Salah Triki , dan.j.williams@intel.com, vishal.l.verma@intel.com, dave.jiang@intel.com Cc: nvdimm@lists.linux.dev, linux-kernel@vger.kernel.org Date: Sat, 10 Jul 2021 10:04:48 -0700 In-Reply-To: <20210710164615.GA690067@pc> References: <20210710164615.GA690067@pc> Content-Type: text/plain; charset="ISO-8859-1" User-Agent: Evolution 3.40.0-1 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=1.60 X-Rspamd-Server: rspamout04 X-Rspamd-Queue-Id: 3852D2448BF X-Stat-Signature: r9mp75uipcc9qgr86rf8isradagw5869 X-Session-Marker: 6A6F6540706572636865732E636F6D X-Session-ID: U2FsdGVkX19qjiJ4bEM3l7ZhvAJzq+B4x7oGaQz405Y= X-HE-Tag: 1625936690-706479 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sat, 2021-07-10 at 17:46 +0100, Salah Triki wrote: > Replace sprintf() by scnprintf() in order to avoid buffer overflows. OK but also not strictly necessary. DAX_NAME_LEN is 30. Are you finding and changing these manually or with a script? > diff --git a/drivers/dax/bus.c b/drivers/dax/bus.c [] > @@ -76,7 +76,7 @@ static ssize_t do_id_store(struct device_driver *drv, const char *buf, > ? fields = sscanf(buf, "dax%d.%d", ®ion_id, &id); > ? if (fields != 2) > ? return -EINVAL; > - sprintf(devname, "dax%d.%d", region_id, id); > + scnprintf(devname, DAX_NAME_LEN, "dax%d.%d", region_id, id); > ? if (!sysfs_streq(buf, devname)) > ? return -EINVAL; > ? >