Received: by 2002:a05:7208:3188:b0:7e:5202:c8b4 with SMTP id r8csp823817rbd;
        Fri, 23 Feb 2024 04:55:41 -0800 (PST)
X-Forwarded-Encrypted: i=3; AJvYcCVHM4f/PGS5dgs9311FsAERgQ1uAiFdzt+Gx1OuCvewf4ZFdA8fWcaTrIfrmpBGX+3YMeZnYQW3iZfyIaAPFai8S3EwZHt3BGu9jrzoxg==
X-Google-Smtp-Source: AGHT+IESDljOVqw6QAko6YIFBl6aN2wKsgDtekvIFfjn8zmB/P02X6eYUTRw1cz1uFXzE5ZW9Oz/
X-Received: by 2002:a9d:61d8:0:b0:6e4:8837:6104 with SMTP id h24-20020a9d61d8000000b006e488376104mr39356otk.37.1708692941706;
        Fri, 23 Feb 2024 04:55:41 -0800 (PST)
ARC-Seal: i=2; a=rsa-sha256; t=1708692941; cv=pass;
        d=google.com; s=arc-20160816;
        b=KTxcSeZky9X/QIAvFdNPgnkwqR6lVZBhZXfFJfgvTBNIi1JfbUnwrVsuK8O4uRjWvY
         hYievpf0AJy5LEBCmi5wcqqFKSa5zmCQniF1bJPXxEdrtFypKicHSFvP7aIJHMQF6Jai
         Qu3mv2mcKMhpKMSY5US3Zl7ONb1rxImGwmI/y1Jk5i8wIIqdvWVxH5vuMk5zPb8xMY4+
         4AOSMUk7D72GfL7QvlVjOMTXiHKyhfCzU5rzwBgMaF4M2msvfC5jIzmOJVLsaLllOCtv
         BIgrjvwxjzlrcQwd06HOQmXHoxf0QLIEZ9k4FMmZC/jy5jvc7tpJq/h7qL7jApnViOSn
         3EcA==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=mime-version:list-unsubscribe:list-subscribe:list-id:precedence
         :user-agent:content-transfer-encoding:references:in-reply-to:date:cc
         :to:from:subject:message-id;
        bh=d7J4UdmQW23fQI9Xkk/QvQ9enwlLoBTWfti6V5+V3W0=;
        fh=B8c0zNbXBSf8SmvrYzihP3FtDd5acm7fktrIJLtTryE=;
        b=XM3CoeIu3BZfx7PyJjfvmnm0i1v6LNoMmNE26vuOLVvnqOi6SxBzZog+xa+eX2Dnlj
         xPVMF8m/+g+EjwgLnYe2p4isSOqdG2Nwe66RBy5HuDbPU4BtNmVHSUvZxVMYX00XSYRn
         +JyFGxmKncEaFQ/vqYIpmUczjnYa5k3JUpsEPaWIHxQKYEAjMMVo9q7/iQ6HsX54aJXi
         W8LVG8CEtsMUOMWdQdjF+lEvkDIarIgBKts/U1kk2SX9gU+viPpYnSG+LTRNParBpYm2
         uGc1iuf1GvKVh4uNCfEVqhMP25BTyVt1qajGvHlEvbqV5RFIMEhOzPXlQOlm/05Q/VpM
         gMIQ==;
        dara=google.com
ARC-Authentication-Results: i=2; mx.google.com;
       arc=pass (i=1 spf=pass spfdomain=perches.com);
       spf=pass (google.com: domain of linux-kernel+bounces-78324-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) smtp.mailfrom="linux-kernel+bounces-78324-linux.lists.archive=gmail.com@vger.kernel.org"
Return-Path: <linux-kernel+bounces-78324-linux.lists.archive=gmail.com@vger.kernel.org>
Received: from sy.mirrors.kernel.org (sy.mirrors.kernel.org. [147.75.48.161])
        by mx.google.com with ESMTPS id m19-20020a637d53000000b005e438ff5c40si4211445pgn.591.2024.02.23.04.55.41
        for <linux.lists.archive@gmail.com>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Fri, 23 Feb 2024 04:55:41 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel+bounces-78324-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) client-ip=147.75.48.161;
Authentication-Results: mx.google.com;
       arc=pass (i=1 spf=pass spfdomain=perches.com);
       spf=pass (google.com: domain of linux-kernel+bounces-78324-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) smtp.mailfrom="linux-kernel+bounces-78324-linux.lists.archive=gmail.com@vger.kernel.org"
Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by sy.mirrors.kernel.org (Postfix) with ESMTPS id 852F0B26A2F
	for <linux.lists.archive@gmail.com>; Fri, 23 Feb 2024 12:48:31 +0000 (UTC)
Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])
	by smtp.subspace.kernel.org (Postfix) with ESMTP id E550063104;
	Fri, 23 Feb 2024 12:48:09 +0000 (UTC)
Received: from relay.hostedemail.com (smtprelay0016.hostedemail.com [216.40.44.16])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id DB3B77E0E8;
	Fri, 23 Feb 2024 12:48:07 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=216.40.44.16
ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1708692489; cv=none; b=c4FSyG4TaVGVbQSPl2V0vyZDWxOIPWz1Grr6seFp1uf4d64iQgpYfPlfDi6ptLAQflT5l4cSu16q8zSR9LAkWC0DF9MgDjEAupvirz35zkxbrAIReA3l510QPelC5B5CIpxC8KCjpnxUtAU7DpLyfUXRh4Oa1gKa9pxCIhUUQ0g=
ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1708692489; c=relaxed/simple;
	bh=LAjfPoz2drXqfQvAjv9IzHKfA5IrdcSZOOkt/CeiU1c=;
	h=Message-ID:Subject:From:To:Cc:Date:In-Reply-To:References:
	 Content-Type:MIME-Version; b=M5KopDuGYo9gsf6WYOyfcm8c6/qmDQlJcRzVt4szi1DJ7ls+a9ytdiGaeyDl0ofqlWbtKxZYlaeSk+nN5T3Ivj5brckjPjmRNSdjynEUbn2AG4u2sPlqZhQ/91pGNWIgjmWKdirzozW077EW5WtdY3WuoNXvbhQY1kn51CrJq6M=
ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=perches.com; spf=pass smtp.mailfrom=perches.com; arc=none smtp.client-ip=216.40.44.16
Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=perches.com
Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=perches.com
Received: from omf02.hostedemail.com (a10.router.float.18 [10.200.18.1])
	by unirelay03.hostedemail.com (Postfix) with ESMTP id 2073BA1164;
	Fri, 23 Feb 2024 12:48:00 +0000 (UTC)
Received: from [HIDDEN] (Authenticated sender: joe@perches.com) by omf02.hostedemail.com (Postfix) with ESMTPA id 682A78000E;
	Fri, 23 Feb 2024 12:47:57 +0000 (UTC)
Message-ID: <bc22e93196284ddece102929ae9f6636358e6716.camel@perches.com>
Subject: Re: [PATCH v2] checkpatch: add check for snprintf to scnprintf
From: Joe Perches <joe@perches.com>
To: Lee Jones <lee@kernel.org>
Cc: Justin Stitt <justinstitt@google.com>, Andy Whitcroft
 <apw@canonical.com>,  Dwaipayan Ray <dwaipayanray1@gmail.com>, Lukas
 Bulwahn <lukas.bulwahn@gmail.com>,  linux-kernel@vger.kernel.org,
 linux-hardening@vger.kernel.org, Kees Cook <keescook@chromium.org>, Finn
 Thain <fthain@linux-m68k.org>
Date: Fri, 23 Feb 2024 04:47:56 -0800
In-Reply-To: <20240223103845.GP10170@google.com>
References: <20240221-snprintf-checkpatch-v2-1-9baeb59dae30@google.com>
	 <bccc704fc78b362bbc57a79eb240219f5ec1548e.camel@perches.com>
	 <20240223103845.GP10170@google.com>
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: quoted-printable
User-Agent: Evolution 3.48.4 (3.48.4-1.fc38) 
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
X-Rspamd-Queue-Id: 682A78000E
X-Rspamd-Server: rspamout08
X-Stat-Signature: ukf9z8exot3f8st6ets4czmu8p6frtk4
X-Session-Marker: 6A6F6540706572636865732E636F6D
X-Session-ID: U2FsdGVkX1/0INiopDmML8A145GUuo/QwEloV8aKws4=
X-HE-Tag: 1708692477-39706
X-HE-Meta: U2FsdGVkX1/UFjuIy6XDV0zdZU7pS54VpS1HyjtO8u/qVXIGPoXkdNloAv9Sw8rpIUAPYfmxbMgHsnXqz8ZXNUggPoGrMTDkMdjsuMYWEHsMBtLG+GZ+K0dEpAG+22xU1nj+tBk6LPV2pmIMpu6VcwvdSN5oBJGgkUsZbi3K8YncxD+mFqec84H8gFg73naopm5Ka34RzGP0P3M8ftqmMYFcSENvpigT1xsbb6144nhzfETCpQep1i53OKAf09EE3oRn7IF4I5FVorDTY4lpSSH5zAu+ApCymd3jDS8UkgtNx8/nNclHejShy0COFHeS75DYc+/UUZLFEms+GtiIM9Kef3betaQiXQfvaeMuQHyiEmbqKsw54ghsnU6uDBRyngX909KJKOnXPr0ZezUvEIk96GdPiZl6pP0rV0g7PWb9qkAf6J2VyX97st7Bmklws/FWmwXIWOn48xySR1ZDw9x5qStU9/1Rug+6mB1uBZs=

On Fri, 2024-02-23 at 10:38 +0000, Lee Jones wrote:
> On Wed, 21 Feb 2024, Joe Perches wrote:
>=20
> > On Wed, 2024-02-21 at 22:11 +0000, Justin Stitt wrote:
> > > I am going to quote Lee Jones who has been doing some snprintf ->
> > > scnprintf refactorings:
> > >=20
> > > "There is a general misunderstanding amongst engineers that
> > > {v}snprintf() returns the length of the data *actually* encoded into =
the
> > > destination array.  However, as per the C99 standard {v}snprintf()
> > > really returns the length of the data that *would have been* written =
if
> > > there were enough space for it.  This misunderstanding has led to
> > > buffer-overruns in the past.  It's generally considered safer to use =
the
> > > {v}scnprintf() variants in their place (or even sprintf() in simple
> > > cases).  So let's do that."
> > >=20
> > > To help prevent new instances of snprintf() from popping up, let's ad=
d a
> > > check to checkpatch.pl.
> > >=20
> > > Suggested-by: Finn Thain <fthain@linux-m68k.org>
> > > Signed-off-by: Justin Stitt <justinstitt@google.com>
> > > ---
> > > Changes in v2:
> > > - Had a vim moment and deleted a character before sending the patch.
> > > - Replaced the character :)
> > > - Link to v1: https://lore.kernel.org/r/20240221-snprintf-checkpatch-=
v1-1-3ac5025b5961@google.com
> > > ---
> > > From a discussion here [1].
> > >=20
> > > [1]: https://lore.kernel.org/all/0f9c95f9-2c14-eee6-7faf-635880edcea4=
@linux-m68k.org/
> >=20
> > > diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl
> > []
> > > @@ -7012,6 +7012,12 @@ sub process {
> > >  			     "Prefer strscpy, strscpy_pad, or __nonstring over strncpy - =
see: https://github.com/KSPP/linux/issues/90\n" . $herecurr);
> > >  		}
> > > =20
> > > +# snprintf uses that should likely be {v}scnprintf
> > > +		if ($line =3D~ /\bsnprintf\s*\(\s*/) {
> > > +				WARN("SNPRINTF",
> > > +				     "Prefer scnprintf over snprintf\n" . $herecurr);
> >=20
> > There really should be some sort of reference link here
> > similar to the one above this.
> >=20
> > Also, I rather doubt _all_ of these should be changed just
> > for churn's sake.
>=20
> This is for new implementations only.
>=20
> Kees is planning on changing all of the current instances kernel-wide.

I saw that.  I also saw pushback.
Not just my own.

Creating a cocci script is easy.
Getting Linus and others to run it isn't.