| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <9d6d7641-d2c0-4629-944c-1bb88eddc486@oss.qualcomm.com>
Date: Mon, 27 Oct 2025 19:55:09 +0800
From: Zhongqiu Han <zhongqiu.han@....qualcomm.com>
To: Dan Carpenter <dan.carpenter@...aro.org>,
Bjorn Andersson <andersson@...nel.org>
Cc: Mathieu Poirier <mathieu.poirier@...aro.org>,
Matthias Brugger <matthias.bgg@...il.com>,
AngeloGioacchino Del Regno <angelogioacchino.delregno@...labora.com>,
linux-remoteproc@...r.kernel.org, linux-kernel@...r.kernel.org,
linux-arm-kernel@...ts.infradead.org,
linux-mediatek@...ts.infradead.org, kernel-janitors@...r.kernel.org
Subject: Re: [PATCH v2] remoteproc: mtk_scp: change the snprintf() checking
On 10/27/2025 3:08 PM, Dan Carpenter wrote:
> The snprintf() calls here work but they have several minor style issues:
>
> 1) It uses ARRAY_SIZE() which is the number of elements in an array.
> Since were talking about char that works, but it's more common to
> use sizeof() which is the number of bytes.
> 2) The printf format is "%1d". The "1" ensures we always print at
> least 1 character but since numbers all have at least 1 digit this
> can be removed.
> 3) The kernel implementation of snprintf() cannot return negative error
> codes. Also these particular calls to snprintf() can't return zero
> and the code to handle that zero return is sort of questionable.
> 4) In the current kernel the only "core_id" we print is "0" but if it
> was more than 9 then the output would be truncated so GCC complains.
> Add an "a >= sizeof(scp_fw_file)" check for output which is too long.
>
> Signed-off-by: Dan Carpenter <dan.carpenter@...aro.org>
Reviewed-by: Zhongqiu Han <zhongqiu.han@....qualcomm.com>
> ---
> v2: The v1 introduced a W=1 warning because of the truncation issue.
> It's a false positive because GCC assumes that "core_id" can be
> every possible value of int but actually it can only be zero. And
> also generally, in the kernel, truncating is fine and it is fine
> here too.
>
> But let's use that as an opportunity to do more cleanups.
>
> drivers/remoteproc/mtk_scp.c | 8 ++++----
> 1 file changed, 4 insertions(+), 4 deletions(-)
>
> diff --git a/drivers/remoteproc/mtk_scp.c b/drivers/remoteproc/mtk_scp.c
> index 10e3f9eb8cd2..db8fd045468d 100644
> --- a/drivers/remoteproc/mtk_scp.c
> +++ b/drivers/remoteproc/mtk_scp.c
> @@ -1127,11 +1127,11 @@ static const char *scp_get_default_fw_path(struct device *dev, int core_id)
> return ERR_PTR(-EINVAL);
>
> if (core_id >= 0)
> - ret = snprintf(scp_fw_file, ARRAY_SIZE(scp_fw_file), "scp_c%1d", core_id);
> + ret = snprintf(scp_fw_file, sizeof(scp_fw_file), "scp_c%d", core_id);
> else
> - ret = snprintf(scp_fw_file, ARRAY_SIZE(scp_fw_file), "scp");
> - if (ret <= 0)
> - return ERR_PTR(ret);
> + ret = snprintf(scp_fw_file, sizeof(scp_fw_file), "scp");
> + if (ret >= sizeof(scp_fw_file))
> + return ERR_PTR(-ENAMETOOLONG);
>
> /* Not using strchr here, as strlen of a const gets optimized by compiler */
> soc = &compatible[strlen("mediatek,")];
--
Thx and BRs,
Zhongqiu Han
Powered by blists - more mailing lists