On 17/07/17 14:57, Arnd Bergmann wrote: > On Mon, Jul 17, 2017 at 2:53 PM, Hans Verkuil <hverkuil@xxxxxxxxx> wrote: >> On 14/07/17 14:07, Arnd Bergmann wrote: >>> gcc-7 notices that we copy a fixed length string into another >>> string of the same size, with additional characters: >>> >>> drivers/media/usb/usbvision/usbvision-i2c.c: In function 'usbvision_i2c_register': >>> drivers/media/usb/usbvision/usbvision-i2c.c:190:36: error: '%d' directive writing between 1 and 11 bytes into a region of size between 0 and 47 [-Werror=format-overflow=] >>> sprintf(usbvision->i2c_adap.name, "%s-%d-%s", i2c_adap_template.name, >>> ^~~~~~~~~~ >>> drivers/media/usb/usbvision/usbvision-i2c.c:190:2: note: 'sprintf' output between 4 and 76 bytes into a destination of size 48 >>> >>> We know this is fine as the template name is always "usbvision", so >>> we can easily avoid the warning by using this as the format string >>> directly. >> >> Hmm, how about replacing sprintf by snprintf? That feels a lot safer (this is very >> old code, it's not surprising it is still using sprintf). > > With snprintf(), you will still get a -Wformat-truncation warning. One > of my patches > disables that warning by default, but Mauro likes build-testing with > "make W=1", so > it would still show up then. > > However, we can do both: replace the string and use snprintf(). Yes please! Regards, Hans
