On Fri 2020-09-18 08:16:37, Rasmus Villemoes wrote: > On 17/09/2020 15.16, John Ogness wrote: > > > if (dev->class) > > subsys = dev->class->name; > > else if (dev->bus) > > subsys = dev->bus->name; > > else > > - return 0; > > + return; > > > > - pos += snprintf(hdr + pos, hdrlen - pos, "SUBSYSTEM=%s", subsys); > > - if (pos >= hdrlen) > > - goto overflow; > > + snprintf(dev_info->subsystem, sizeof(dev_info->subsystem), subsys); > > It's unlikely that subsys would contain a %, but this will be yet > another place to spend brain cycles ignoring if doing static analysis. > So can we not do this. Either of strXcpy() for X=s,l will do the same > thing, and likely faster. Good point! Better be on the safe size in a generic printk() API. Well, I am afraid that this would be only small drop in a huge lake. class->name and bus->name seems to be passed to %s in so many *print*() calls all over the kernel code. IMHO, this is not the right place to prevent the problem. Dangerous names must be prevented when a new bus, class, device is added. Best Rergards, Petr _______________________________________________ kexec mailing list kexec@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/kexec