> +struct es58x_sw_version { > + u8 major; > + u8 minor; > + u8 revision; > +}; > +static int es58x_devlink_info_get(struct devlink *devlink, > + struct devlink_info_req *req, > + struct netlink_ext_ack *extack) > +{ > + struct es58x_device *es58x_dev = devlink_priv(devlink); > + struct es58x_sw_version *fw_ver = &es58x_dev->firmware_version; > + struct es58x_sw_version *bl_ver = &es58x_dev->bootloader_version; > + struct es58x_hw_revision *hw_rev = &es58x_dev->hardware_revision; > + char buf[max(sizeof("xx.xx.xx"), sizeof("axxx/xxx"))]; > + int ret = 0; > + > + if (es58x_sw_version_is_set(fw_ver)) { > + snprintf(buf, sizeof(buf), "%02u.%02u.%02u", > + fw_ver->major, fw_ver->minor, fw_ver->revision); I see you have been very careful here, but i wonder if you might still get some compiler/static code analyser warnings here. As far as i remember %02u does not limit it to two characters. If the number is bigger than 99, it will take three characters. And your types are u8, so the compiler could consider these to be 3 characters each. So you end up truncating. Which you look to of done correctly, but i wonder if some over zealous checker will report it? Maybe consider "xxx.xxx.xxx"? Nice paranoid code by the way. I'm not the best at spotting potential buffer overflows, but this code looks good. The only question i had left was how well sscanf() deals with UTF-8. Andrew