[PATCH] edac: Use scnprintf() for safer buffer handling

linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [PATCH] edac: Use scnprintf() for safer buffer handling
@ 2025-07-13  2:57 Wang Haoran
  2025-07-14  1:25 ` Zhuo, Qiuxu
  0 siblings, 1 reply; 5+ messages in thread
From: Wang Haoran @ 2025-07-13  2:57 UTC (permalink / raw)
  To: tony.luck, bp
  Cc: james.morse, mchehab, rric, linux-edac, linux-kernel, Wang Haoran

snprintf() is fragile when its return value will be used to append additional data to a buffer. Use scnprintf() instead.

Signed-off-by: Wang Haoran (Vul337) <haoranwangsec@gmail.com>
---
 drivers/edac/skx_common.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/drivers/edac/skx_common.c b/drivers/edac/skx_common.c
index c9ade45c1a99..39c733dbc5b9 100644
--- a/drivers/edac/skx_common.c
+++ b/drivers/edac/skx_common.c
@@ -670,12 +670,12 @@ static void skx_mce_output_error(struct mem_ctl_info *mci,
 	}
 
 	if (res->decoded_by_adxl) {
-		len = snprintf(skx_msg, MSG_SIZE, "%s%s err_code:0x%04x:0x%04x %s",
+		len = scnprintf(skx_msg, MSG_SIZE, "%s%s err_code:0x%04x:0x%04x %s",
 			 overflow ? " OVERFLOW" : "",
 			 (uncorrected_error && recoverable) ? " recoverable" : "",
 			 mscod, errcode, adxl_msg);
 	} else {
-		len = snprintf(skx_msg, MSG_SIZE,
+		len = scnprintf(skx_msg, MSG_SIZE,
 			 "%s%s err_code:0x%04x:0x%04x ProcessorSocketId:0x%x MemoryControllerId:0x%x PhysicalRankId:0x%x Row:0x%x Column:0x%x Bank:0x%x BankGroup:0x%x",
 			 overflow ? " OVERFLOW" : "",
 			 (uncorrected_error && recoverable) ? " recoverable" : "",
-- 
2.43.0


^ permalink raw reply related	[flat|nested] 5+ messages in thread

* RE: [PATCH] edac: Use scnprintf() for safer buffer handling
  2025-07-13  2:57 [PATCH] edac: Use scnprintf() for safer buffer handling Wang Haoran
@ 2025-07-14  1:25 ` Zhuo, Qiuxu
  0 siblings, 0 replies; 5+ messages in thread
From: Zhuo, Qiuxu @ 2025-07-14  1:25 UTC (permalink / raw)
  To: Wang Haoran, Luck, Tony, bp@alien8.de
  Cc: james.morse@arm.com, mchehab@kernel.org, rric@kernel.org,
	linux-edac@vger.kernel.org, linux-kernel@vger.kernel.org

> From: Wang Haoran <haoranwangsec@gmail.com>
> Sent: Sunday, July 13, 2025 10:58 AM
> To: Luck, Tony <tony.luck@intel.com>; bp@alien8.de
> Cc: james.morse@arm.com; mchehab@kernel.org; rric@kernel.org; linux-
> edac@vger.kernel.org; linux-kernel@vger.kernel.org; Wang Haoran
> <haoranwangsec@gmail.com>
> Subject: [PATCH] edac: Use scnprintf() for safer buffer handling
> 
> snprintf() is fragile when its return value will be used to append additional
> data to a buffer. Use scnprintf() instead.
> 
> Signed-off-by: Wang Haoran (Vul337) <haoranwangsec@gmail.com>
> ---
>  drivers/edac/skx_common.c | 4 ++--

Please also replace all instances of snprintf() with scnprintf() in the file drivers/edac/i10nm_edac.c

Thanks
-Qiuxu 


^ permalink raw reply	[flat|nested] 5+ messages in thread

* [PATCH] edac: Use scnprintf() for safer buffer handling
@ 2025-07-14 14:01 Wang Haoran
  2025-07-14 16:00 ` Luck, Tony
  2025-07-15  1:37 ` Zhuo, Qiuxu
  0 siblings, 2 replies; 5+ messages in thread
From: Wang Haoran @ 2025-07-14 14:01 UTC (permalink / raw)
  To: tony.luck, bp
  Cc: james.morse, mchehab, rric, linux-edac, linux-kernel, Wang Haoran

snprintf() is fragile when its return value will be used to append additional data to a buffer. Use scnprintf() instead.

Signed-off-by: Wang Haoran (Vul337) <haoranwangsec@gmail.com>
---
 drivers/edac/i10nm_base.c | 18 +++++++++---------
 drivers/edac/skx_common.c |  4 ++--
 2 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/drivers/edac/i10nm_base.c b/drivers/edac/i10nm_base.c
index a3fca2567752..679d34c097c0 100644
--- a/drivers/edac/i10nm_base.c
+++ b/drivers/edac/i10nm_base.c
@@ -343,7 +343,7 @@ static void show_retry_rd_err_log(struct decoded_addr *res, char *msg,
 
 	status_mask = rrl->over_mask | rrl->uc_mask | rrl->v_mask;
 
-	n = snprintf(msg, len, " retry_rd_err_log[");
+	n = scnprintf(msg, len, " retry_rd_err_log[");
 	for (i = 0; i < rrl->set_num; i++) {
 		scrub = (rrl->modes[i] == FRE_SCRUB || rrl->modes[i] == LRE_SCRUB);
 		if (scrub_err != scrub)
@@ -355,9 +355,9 @@ static void show_retry_rd_err_log(struct decoded_addr *res, char *msg,
 			log = read_imc_reg(imc, ch, offset, width);
 
 			if (width == 4)
-				n += snprintf(msg + n, len - n, "%.8llx ", log);
+				n += scnprintf(msg + n, len - n, "%.8llx ", log);
 			else
-				n += snprintf(msg + n, len - n, "%.16llx ", log);
+				n += scnprintf(msg + n, len - n, "%.16llx ", log);
 
 			/* Clear RRL status if RRL in Linux control mode. */
 			if (retry_rd_err_log == 2 && !j && (log & status_mask))
@@ -367,10 +367,10 @@ static void show_retry_rd_err_log(struct decoded_addr *res, char *msg,
 
 	/* Move back one space. */
 	n--;
-	n += snprintf(msg + n, len - n, "]");
+	n += scnprintf(msg + n, len - n, "]");
 
 	if (len - n > 0) {
-		n += snprintf(msg + n, len - n, " correrrcnt[");
+		n += scnprintf(msg + n, len - n, " correrrcnt[");
 		for (i = 0; i < rrl->cecnt_num && len - n > 0; i++) {
 			offset = rrl->cecnt_offsets[i];
 			width = rrl->cecnt_widths[i];
@@ -378,20 +378,20 @@ static void show_retry_rd_err_log(struct decoded_addr *res, char *msg,
 
 			/* CPUs {ICX,SPR} encode two counters per 4-byte CORRERRCNT register. */
 			if (res_cfg->type <= SPR) {
-				n += snprintf(msg + n, len - n, "%.4llx %.4llx ",
+				n += scnprintf(msg + n, len - n, "%.4llx %.4llx ",
 					      corr & 0xffff, corr >> 16);
 			} else {
 			/* CPUs {GNR} encode one counter per CORRERRCNT register. */
 				if (width == 4)
-					n += snprintf(msg + n, len - n, "%.8llx ", corr);
+					n += scnprintf(msg + n, len - n, "%.8llx ", corr);
 				else
-					n += snprintf(msg + n, len - n, "%.16llx ", corr);
+					n += scnprintf(msg + n, len - n, "%.16llx ", corr);
 			}
 		}
 
 		/* Move back one space. */
 		n--;
-		n += snprintf(msg + n, len - n, "]");
+		n += scnprintf(msg + n, len - n, "]");
 	}
 }
 
diff --git a/drivers/edac/skx_common.c b/drivers/edac/skx_common.c
index c9ade45c1a99..39c733dbc5b9 100644
--- a/drivers/edac/skx_common.c
+++ b/drivers/edac/skx_common.c
@@ -670,12 +670,12 @@ static void skx_mce_output_error(struct mem_ctl_info *mci,
 	}
 
 	if (res->decoded_by_adxl) {
-		len = snprintf(skx_msg, MSG_SIZE, "%s%s err_code:0x%04x:0x%04x %s",
+		len = scnprintf(skx_msg, MSG_SIZE, "%s%s err_code:0x%04x:0x%04x %s",
 			 overflow ? " OVERFLOW" : "",
 			 (uncorrected_error && recoverable) ? " recoverable" : "",
 			 mscod, errcode, adxl_msg);
 	} else {
-		len = snprintf(skx_msg, MSG_SIZE,
+		len = scnprintf(skx_msg, MSG_SIZE,
 			 "%s%s err_code:0x%04x:0x%04x ProcessorSocketId:0x%x MemoryControllerId:0x%x PhysicalRankId:0x%x Row:0x%x Column:0x%x Bank:0x%x BankGroup:0x%x",
 			 overflow ? " OVERFLOW" : "",
 			 (uncorrected_error && recoverable) ? " recoverable" : "",
-- 
2.43.0


^ permalink raw reply related	[flat|nested] 5+ messages in thread

* RE: [PATCH] edac: Use scnprintf() for safer buffer handling
  2025-07-14 14:01 Wang Haoran
@ 2025-07-14 16:00 ` Luck, Tony
  2025-07-15  1:37 ` Zhuo, Qiuxu
  1 sibling, 0 replies; 5+ messages in thread
From: Luck, Tony @ 2025-07-14 16:00 UTC (permalink / raw)
  To: Wang Haoran, bp@alien8.de
  Cc: james.morse@arm.com, mchehab@kernel.org, rric@kernel.org,
	linux-edac@vger.kernel.org, linux-kernel@vger.kernel.org

> snprintf() is fragile when its return value will be used to append additional data to a buffer. Use scnprintf() instead.
>
> Signed-off-by: Wang Haoran (Vul337) <haoranwangsec@gmail.com>

Patch looks good. But what does the "(Vul337)" in your Signed-off-by signify?

The scripts/checkpatch.pl tool complains:

CHECK: From:/Signed-off-by: email comments mismatch:
'From: Wang Haoran <haoranwangsec@gmail.com>' != 'Signed-off-by: Wang Haoran (Vul337) <haoranwangsec@gmail.com>'


May I just drop that from the Signed-off-by line? Or is it important to you?

-Tony

^ permalink raw reply	[flat|nested] 5+ messages in thread

* RE: [PATCH] edac: Use scnprintf() for safer buffer handling
  2025-07-14 14:01 Wang Haoran
  2025-07-14 16:00 ` Luck, Tony
@ 2025-07-15  1:37 ` Zhuo, Qiuxu
  1 sibling, 0 replies; 5+ messages in thread
From: Zhuo, Qiuxu @ 2025-07-15  1:37 UTC (permalink / raw)
  To: Wang Haoran, Luck, Tony, bp@alien8.de
  Cc: james.morse@arm.com, mchehab@kernel.org, rric@kernel.org,
	linux-edac@vger.kernel.org, linux-kernel@vger.kernel.org

Hi Haoran,

Thanks for the patch. 

> From: Wang Haoran <haoranwangsec@gmail.com>
> Sent: Monday, July 14, 2025 10:02 PM
> To: Luck, Tony <tony.luck@intel.com>; bp@alien8.de
> Cc: james.morse@arm.com; mchehab@kernel.org; rric@kernel.org; linux-
> edac@vger.kernel.org; linux-kernel@vger.kernel.org; Wang Haoran
> <haoranwangsec@gmail.com>
> Subject: [PATCH] edac: Use scnprintf() for safer buffer handling

Please specify the subject with the prefix 'EDAC/{skx_common,i10nm}', 
to match the previous commit style, as follows:

      EDAC/{skx_common,i10nm}: Use scnprintf() for safer buffer handling

> 
> snprintf() is fragile when its return value will be used to append additional
> data to a buffer. Use scnprintf() instead.
> 

This lengthy commit message can be split into two lines for easy parsing. 
Please do so.
[ The tool scripts/checkpatch.pl suggests a max of 75 characters per line.  ]

> Signed-off-by: Wang Haoran (Vul337) <haoranwangsec@gmail.com>

I tested this patch on an Intel Granite Rapids server with error injections, 
and the i10nm_edac functioned well w/o any regression.

    Tested-by: Qiuxu Zhuo <qiuxu.zhuo@intel.com>

Please address Tony's comments about "Vul337" inside your SoB. 
Other than that:

    Reviewed-by: Qiuxu Zhuo <qiuxu.zhuo@intel.com>

^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, other threads:[~2025-07-15  1:37 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-07-13  2:57 [PATCH] edac: Use scnprintf() for safer buffer handling Wang Haoran
2025-07-14  1:25 ` Zhuo, Qiuxu
  -- strict thread matches above, loose matches on Subject: below --
2025-07-14 14:01 Wang Haoran
2025-07-14 16:00 ` Luck, Tony
2025-07-15  1:37 ` Zhuo, Qiuxu

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).