On Mon, May 13, 2024 at 06:44:37PM +0300, Andy Shevchenko wrote: > On Mon, May 13, 2024 at 05:33:10PM +0200, Hans de Goede wrote: > > On 5/13/24 5:19 PM, Andy Shevchenko wrote: > > > On Mon, May 13, 2024 at 03:18:10PM +0200, Hans de Goede wrote: > > >> On 5/13/24 2:58 PM, Andy Shevchenko wrote: > > >>> On Mon, May 13, 2024 at 01:15:50PM +0200, Hans de Goede wrote: ... > > >>>> + dev_dbg(dev, "Firmware version: %.*s\n", resp[RESP_LEN] - 3, resp + RESP_DATA); > > >>> > > >>> I would be on the safest side, i.e. not trusting that it will be NUL-terminated > > >>> string, hence something like %*pE? > > >> > > >> Right, this is why the existing dev_dbg() already passes a precision and we do > > >> want to actually stop if there is a 0 there, which %pE does not do. > > > > > > I'm talking about the opposite, when it might go over the boundary. > > > > AFAIK the way the precision is used in the current code limits things to at max the boundary, > > stopping earlier if a 0 is encountered earlier. > > Indeed, I refreshed my memory about %.*s. > > So, the only part left is the potential terminal sequences appear in > the message. Just for clarity, the %*pE would require strnlen() call to have similar effect. -- With Best Regards, Andy Shevchenko
