lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Tue, 12 Oct 2021 21:10:32 +0000
From:   David Laight <David.Laight@...LAB.COM>
To:     'Joe Perches' <>,
        LKML <>
CC:     kernel-janitors <>
Subject: RE: Use of '%#02x' is almost always wrong

From: Joe Perches
> Sent: 10 October 2021 17:46
> Perhaps too many developers do not know that using '%#<width>x'
> in printf output _includes_ the 0x prefix in the output width.
> So %#02x already has the width taken by the 0x prefix and will
> always emit 3 or more output bytes.
> sprintf(buf, "%#02x", 1) emits 0x1 (3 bytes of output)
> sprintf(buf, "%#02x", 255) emits 0xff (4 bytes of output)
> So presumably all the uses of %#02x in the kernel are not outputting
> what is actually expected.  Perhaps all of these should use %#04x.

Doesn't help. The definition of "%#x" is completely broken.
Basically 0 doesn't get the "0x" prefix, so "%#04x" outputs
"0000" if the value is zero.
So the correct replacement is (probably) "0x%02x".


Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)

Powered by blists - more mailing lists