Re: [PATCH v2] checkpatch: add check for snprintf to scnprintf

From: Joe Perches
Date: Wed Feb 21 2024 - 20:06:00 EST

Next message: Karthikeyan Ramasubramanian: "[PATCH v2] drivers/i915/intel_bios: Fix parsing backlight BDB data"
Previous message: Kent Gibson: "Re: [PATCH 2/2] gpiolib: cdev: release IRQs when the gpio chip device is removed"
In reply to: Kees Cook: "Re: [PATCH v2] checkpatch: add check for snprintf to scnprintf"
Next in thread: Lee Jones: "Re: [PATCH v2] checkpatch: add check for snprintf to scnprintf"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 2024-02-21 at 22:11 +0000, Justin Stitt wrote:
> I am going to quote Lee Jones who has been doing some snprintf ->
> scnprintf refactorings:
>
> "There is a general misunderstanding amongst engineers that
> {v}snprintf() returns the length of the data *actually* encoded into the
> destination array. However, as per the C99 standard {v}snprintf()
> really returns the length of the data that *would have been* written if
> there were enough space for it. This misunderstanding has led to
> buffer-overruns in the past. It's generally considered safer to use the
> {v}scnprintf() variants in their place (or even sprintf() in simple
> cases). So let's do that."
>
> To help prevent new instances of snprintf() from popping up, let's add a
> check to checkpatch.pl.
>
> Suggested-by: Finn Thain <fthain@xxxxxxxxxxxxxx>
> Signed-off-by: Justin Stitt <justinstitt@xxxxxxxxxx>
> ---
> Changes in v2:
> - Had a vim moment and deleted a character before sending the patch.
> - Replaced the character :)
> - Link to v1: https://lore.kernel.org/r/20240221-snprintf-checkpatch-v1-1-3ac5025b5961@xxxxxxxxxx
> ---
> From a discussion here [1].
>
> [1]: https://lore.kernel.org/all/0f9c95f9-2c14-eee6-7faf-635880edcea4@xxxxxxxxxxxxxx/

> diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl
[]
> @@ -7012,6 +7012,12 @@ sub process {
> "Prefer strscpy, strscpy_pad, or __nonstring over strncpy - see: https://github.com/KSPP/linux/issues/90\n"; . $herecurr);
> }
>
> +# snprintf uses that should likely be {v}scnprintf
> + if ($line =~ /\bsnprintf\s*\(\s*/) {
> + WARN("SNPRINTF",
> + "Prefer scnprintf over snprintf\n" . $herecurr);

There really should be some sort of reference link here
similar to the one above this.

Also, I rather doubt _all_ of these should be changed just
for churn's sake.

Maybe add a test for some return value use like

if (defined($stat) &&
$stat =~ /$Lval\s*=\s*snprintf\s*\(/) {
etc...

Maybe offer to --fix it too.

Next message: Karthikeyan Ramasubramanian: "[PATCH v2] drivers/i915/intel_bios: Fix parsing backlight BDB data"
Previous message: Kent Gibson: "Re: [PATCH 2/2] gpiolib: cdev: release IRQs when the gpio chip device is removed"
In reply to: Kees Cook: "Re: [PATCH v2] checkpatch: add check for snprintf to scnprintf"
Next in thread: Lee Jones: "Re: [PATCH v2] checkpatch: add check for snprintf to scnprintf"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]