| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <ZxL0U6bziCxhySUO@mail.google.com>
Date: Sat, 19 Oct 2024 12:50:43 +1300
From: Paulo Miguel Almeida <paulo.miguel.almeida.rodenas@...il.com>
To: Segher Boessenkool <segher@...nel.crashing.org>
Cc: mpe@...erman.id.au, npiggin@...il.com, christophe.leroy@...roup.eu,
naveen@...nel.org, maddy@...ux.ibm.com, arnd@...db.de,
chentao@...inos.cn, linuxppc-dev@...ts.ozlabs.org,
linux-kernel@...r.kernel.org, linux-hardening@...r.kernel.org
Subject: Re: [PATCH][next] powerpc/spufs: Replace snprintf() with the safer
scnprintf() variant
On Fri, Oct 18, 2024 at 10:38:43AM -0500, Segher Boessenkool wrote:
> On Fri, Oct 18, 2024 at 09:28:19PM +1300, Paulo Miguel Almeida wrote:
> > The C99 standard specifies that {v}snprintf() returns the length of the
> > data that *would have been* written if there were enough space.
>
> Not including the trailing zero byte, and it can also return negative if
> there was an encoding error. Yes.
>
> Not that this matters at all for your patch, so why mention it?
>
>
> Segher
Thanks for taking the time to review this patch.
Is the objection with the change in itself or just the commit message?
If it's the later, I'm happy to tweak it to what you would like see.
I added that bit for context so the motivation behind the preference for
scnprintf is clear, otherwise one would ask me why :)
We are phasing out snprint utilisations in which the result is being
used [1]. One of possible ways this *might* take form is that in near
future snprint will have it return void.
[1] https://github.com/KSPP/linux/issues/105#issuecomment-2421244722
- Paulo A.
Powered by blists - more mailing lists