On (23/01/17 08:16), John Ogness wrote: > On 2023-01-17, Sergey Senozhatsky <senozhatsky@xxxxxxxxxxxx> wrote: > > On (23/01/16 17:35), Petr Mladek wrote: > >> len = snprintf(scratchbuf, scratchbuf_sz, > >> "** %lu printk messages dropped **\n", dropped); > > > > Wouldn't > > > > if (WARN_ON_ONCE(len + PRINTK_PREFIX_MAX >= outbuf_sz)) > > return; > > > > prevent us from doing something harmful? > > Sure. But @0len is supposed to contain the number of bytes in > @scratchbuf, which theoretically it does not. snprintf() is the wrong > function to use here, even if there is not real danger in this > situation. Oh, yes, I agree that snprintf() should be replaced. Maybe we can go even a bit furhter and replace all snprintf()-s in kernel/printk/* (well, in a similar fashion, just in case). I'm just trying to understand what type of assumptions does coverity make here and so far everything looks rather peculiar.
