lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <YYJIJqRLI2fjXlzl@kroah.com>
Date:   Wed, 3 Nov 2021 09:28:22 +0100
From:   Greg KH <gregkh@...uxfoundation.org>
To:     cgel.zte@...il.com
Cc:     johan@...nel.org, linux-kernel@...r.kernel.org,
        Jing Yao <yao.jing2@....com.cn>, Zeal Robot <zealci@....com.cn>
Subject: Re: [PATCH] drivers: most: replace snprintf in show functions with
 sysfs_emit

On Wed, Nov 03, 2021 at 08:23:13AM +0000, cgel.zte@...il.com wrote:
> From: Jing Yao <yao.jing2@....com.cn>
> 
> coccicheck complains about the use of snprintf() in sysfs show
> funcitons:
> WARNING use scnprintf or sprintf
> 
> Use sysfs_emit instead of scnprintf, snprintf or sprintf makes more
> sense.
> 
> Reported-by: Zeal Robot <zealci@....com.cn>

This "robot" is not coccicheck.


> Signed-off-by: Jing Yao <yao.jing2@....com.cn>
> ---
>  drivers/most/most_usb.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/drivers/most/most_usb.c b/drivers/most/most_usb.c
> index acabb7715b42..dccbec16000c 100644
> --- a/drivers/most/most_usb.c
> +++ b/drivers/most/most_usb.c
> @@ -831,7 +831,7 @@ static ssize_t value_show(struct device *dev, struct device_attribute *attr,
>  	int err;
>  
>  	if (sysfs_streq(name, "arb_address"))
> -		return snprintf(buf, PAGE_SIZE, "%04x\n", dci_obj->reg_addr);
> +		return sysfs_emit(buf, "%04x\n", dci_obj->reg_addr);
>  
>  	if (sysfs_streq(name, "arb_value"))
>  		reg_addr = dci_obj->reg_addr;
> -- 
> 2.25.1

Why did you only change one of the instances of this in this function
and not both?

Are you going to send a follow-on patch to change the other use of
snprintf() here?

Please do it all in one patch, and fix your "robot" to correctly notify
you of mistakes like this.

thanks,

greg k-h

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ