On Mon, Feb 19, 2024 at 03:23:12PM +0000, Lee Jones wrote:
> Adding this to checkpatch is a good idea.

Yeah, please do. You can look at the "strncpy -> strscpy" check that is
already in there for an example.

>
> What if we also take Kees's suggestion and hit all of these found in
> SCSI in one patch to keep the churn down to a minimum?

We don't have to focus on SCSI even. At the end of the next -rc1, I can
send a tree-wide patch (from Coccinelle) that'll convert all snprintf()
uses that don't check a return value into scnprintf(). For example, this
seems to do the trick:

@scnprintf depends on !(file in "tools") && !(file in "samples")@
@@

-snprintf
+scnprintf
 (...);

Results in:

 2252 files changed, 4795 insertions(+), 4795 deletions(-)

-Kees

-- 
Kees Cook
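Added example (not part of the original message and not kernel code): a userspace C sketch of the return-value difference behind the snprintf() to scnprintf() conversion discussed above. `scnprintf_demo` and the two `offset_with_*` helpers are hypothetical names, the field strings are constructed, and the helper assumes the kernel scnprintf() contract of returning the characters actually stored.

```c
#include <stdarg.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical userspace stand-in following the kernel scnprintf() contract:
 * returns the characters actually stored in buf (excluding the NUL). */
static int scnprintf_demo(char *buf, size_t size, const char *fmt, ...)
{
	va_list ap;
	int n;
	if (size == 0)
		return 0;
	va_start(ap, fmt);
	n = vsnprintf(buf, size, fmt, ap);
	va_end(ap);
	if (n < 0)
		return 0;
	return (size_t)n < size ? n : (int)(size - 1);
}

/* snprintf() returns the would-be length, so the running offset can exceed
 * the buffer size after a truncated append. */
static size_t offset_with_snprintf(char *buf, size_t size, const char *f1, const char *f2)
{
	size_t len = snprintf(buf, size, "%s", f1);
	/* Guard keeps this demo in bounds; without it the next call would get
	 * a pointer past the buffer and a wrapped (huge) size - len. */
	if (len < size)
		len += snprintf(buf + len, size - len, "%s", f2);
	return len;
}

/* With the scnprintf-style helper the offset never passes size - 1. */
static size_t offset_with_scnprintf(char *buf, size_t size, const char *f1, const char *f2)
{
	size_t len = scnprintf_demo(buf, size, "%s", f1);
	len += scnprintf_demo(buf + len, size - len, "%s", f2);
	return len;
}

int main(void)
{
	char a[16], b[16];
	const char *f1 = "vendor=EXAMPLE-VENDOR ", *f2 = "model=EXAMPLE"; /* constructed */
	printf("snprintf offset:  %zu of %zu\n", offset_with_snprintf(a, sizeof(a), f1, f2), sizeof(a));
	printf("scnprintf offset: %zu of %zu\n", offset_with_scnprintf(b, sizeof(b), f1, f2), sizeof(b));
	return 0;
}
```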