Recently I noticed that both gcc-14 and clang-18 report that passing
a non-string literal as the format argument of clkdev_create()
is potentially insecure.
E.g. clang-18 says:
.../txgbe_phy.c:582:35: warning: format string is not a string literal (potentially insecure) [-Wformat-security]
581 | clock = clkdev_create(clk, NULL, clk_name);
| ^~~~~~~~
.../txgbe_phy.c:582:35: note: treat the string as an argument to avoid this
581 | clock = clkdev_create(clk, NULL, clk_name);
| ^
| "%s",
It is always the case where the contents of clk_name is safe to pass as the
format argument. That is, in my understanding, it never contains any
format escape sequences.
However, it seems better to be safe than sorry. And, as a bonus, compiler
output becomes less verbose by addressing this issue as suggested by
clang-18.
Compile tested only.
Signed-off-by: Simon Horman <horms@xxxxxxxxxx>
---
drivers/net/ethernet/wangxun/txgbe/txgbe_phy.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/net/ethernet/wangxun/txgbe/txgbe_phy.c b/drivers/net/ethernet/wangxun/txgbe/txgbe_phy.c
index 3dd89dafe7c7..a0e4920b4761 100644
--- a/drivers/net/ethernet/wangxun/txgbe/txgbe_phy.c
+++ b/drivers/net/ethernet/wangxun/txgbe/txgbe_phy.c
@@ -578,7 +578,7 @@ static int txgbe_clock_register(struct txgbe *txgbe)
if (IS_ERR(clk))
return PTR_ERR(clk);
- clock = clkdev_create(clk, NULL, clk_name);
+ clock = clkdev_create(clk, NULL, "%s", clk_name);
if (!clock) {
clk_unregister(clk);
return -ENOMEM;
--
2.45.2
