On Thu, Feb 15, 2024 at 01:33:29PM +0100, Geert Uytterhoeven wrote: > On Thu, Feb 15, 2024 at 1:19 PM Andy Shevchenko > <andriy.shevchenko@xxxxxxxxxxxxxxx> wrote: > > On Thu, Feb 15, 2024 at 02:17:00PM +0200, Andy Shevchenko wrote: > > > On Thu, Feb 15, 2024 at 11:40:44AM +0100, Geert Uytterhoeven wrote: > > > > On Mon, Feb 12, 2024 at 6:04 PM Andy Shevchenko > > > > <andriy.shevchenko@xxxxxxxxxxxxxxx> wrote: > > > > > + linedisp->buf = buf ? buf : linedisp->curr; > > > > > + linedisp->num_chars = buf ? num_chars : min(num_chars, LINEDISP_DEFAULT_BUF_SZ); > > > > > > > > I think it would be safer to return an error if buf == NULL and > > > > num_chars < LINEDISP_DEFAULT_BUF_SZ. > > > > > > I think you meant >= ? > > Oops, yes/ > > > > > > > > Else a careless driver that doesn't check linedisp->num_chars might > > > > overflow the buffer. > > > > > > Okay, check has been added. > > > > Hold on, but I have min() being called, isn't it enough? > > Yes you have. > > A careless driver might not use linedisp->num_chars later, but instead > just hardcode e.g. memcpy(linedisp->buf, source, LARGE_BUF_SIZE). I see the point, yes, we need an additional check. -- With Best Regards, Andy Shevchenko
