From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mail-wm1-f45.google.com (mail-wm1-f45.google.com [209.85.128.45])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id A47CE3A0B36
	for <linux-kernel@vger.kernel.org>; Wed, 25 Mar 2026 10:20:43 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.45
ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1774434045; cv=none; b=uSfwyOvOXMqqCbn9mVJaY6HOSt8hULPyBdMV4knTmUfCzk/NdcKFXOWUr9BPGM6rk5f4Nxr/aNIuFpS0fQVKsgn3fjML+JavOKWkd4Mm+dEbsq4b+vw2BliRrFa/j1/THQ+yI9IOAlfPmWpXyjJnWADk58l+Fv9WXSTCi24h3ik=
ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1774434045; c=relaxed/simple;
	bh=CspseYcnhD4Yc8GQzY0514islPS5RJNS6pHQ/v4Rpco=;
	h=Date:From:To:Cc:Subject:Message-ID:In-Reply-To:References:
	 MIME-Version:Content-Type; b=rpx0rNvtJadF7gZUBjTLtgs/OnLyxp+gE0WqsfSwqI6NilZr0/kNbJf3OzvLfmlpaxa+fbMAZEgoHpk8fL3/m/I0QRNlx4ZqAj0mK5Um4kWh5tXQDBtH8SPIXc5NleiFYAnD3T/yAzh4YgLaZoK+RRxCA3Pb5jtFZOTL/fuEJQI=
ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=ruYyWkbJ; arc=none smtp.client-ip=209.85.128.45
Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com
Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="ruYyWkbJ"
Received: by mail-wm1-f45.google.com with SMTP id 5b1f17b1804b1-486fb112c09so43758115e9.1
        for <linux-kernel@vger.kernel.org>; Wed, 25 Mar 2026 03:20:43 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20251104; t=1774434042; x=1775038842; darn=vger.kernel.org;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:subject:cc:to:from:date:from:to:cc:subject:date
         :message-id:reply-to;
        bh=lhCsYWNigo7/kEeflt2W1GjOzPENb0JsoGj8ZJNw8KE=;
        b=ruYyWkbJvRR/TBKAeIDf5HZrg5kMzabZEKZm0W2RNa3gNTrOmOjo/SQhpt9IzwBQvz
         7kNwJ8xvbXnMWFjHgLo8Hg3c67o3gC91ZpRcfDF5TqSx5XBegCcpdTeUDc9ZiZJ7YAOI
         oSq0GOLRuTgk7Wxq5ubmJDkB/CR3D3Y7o6G4II55VhEoUBNJpSeuGHCiVm9coSI64ZoS
         21+sEsxxDzUZPvHkBTW6DBDzMip8Ct3XIPi1+RketMbeA9lwA+lbKkdo3YiSNqGqVGNl
         o6HLwvkvcdue2KMljJiJ/wB3Inpm5EpWgexgXM44QI1QMxyQQrbu8lB4KoAo2z77iYp+
         xTeg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20251104; t=1774434042; x=1775038842;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:subject:cc:to:from:date:x-gm-gg:x-gm-message-state:from
         :to:cc:subject:date:message-id:reply-to;
        bh=lhCsYWNigo7/kEeflt2W1GjOzPENb0JsoGj8ZJNw8KE=;
        b=NLrBRj1mhhQS5ht6b92vuYQau0MXTzhyncVVpU6K0Zj6FO4FVWIego5MhEJ/QgHbAz
         mxPnWYD5yf04u5NmrLpzItLaly8pZJN7Uv8u8l91gSByiecRb8urVwQHaUwG2yH9LRsD
         Nj7/oqoUuwAGYF7hV8vDOKjDwxHK1BueYkRFuHeKhK2kBXI5OAOZbCv+dc8ARTBcimU1
         TGRgor2RyItRcE6s2GsYlxp6vSQ2qgfo7YRFNUPeP48TnmCID2qproLJVI0+Zh4XQan2
         rqIgC6lJ641F1LzXfKAdzM76ubOKkKNurejzummtsMAqnww2840iZOIylfPeXV9VjsI8
         Bn8g==
X-Forwarded-Encrypted: i=1; AJvYcCUr7ma2ITaQF8jFbi5Ld7dL2uulF4bZ5ReO0c+TKQ/qkH4r2vILsbz/l7qpm1A+LP4sknlWuoURCOPsFhs=@vger.kernel.org
X-Gm-Message-State: AOJu0YyKLIabpgDkqwWWyEdVarO8OS7CasnDs5/Xs7gFsUQShNCc9FRU
	r+ogPyFhJMIiFJu5NyrqNlkDg6j25JTTfNUOt+JpjK7vATRSZhJymc6g
X-Gm-Gg: ATEYQzyYjnsm4XWui+8Y2lLQiHnRQbOkXmZxBC9CtTUyOJL3Nr1J+UkVkjVLrxKP3vB
	Qis2heYdsXV00zRmK48lp4hWlfrIf289ZBURB7Ky7T4vlZ0NduXYboqgvr6CvfZcBzoAuCHJRSY
	3bEey//zu9yQLRtJHIV3ViyzHDbwCtPhMxcwMuZ1k0fdBL+fWkAZTroWoDmAx8Wz6og0hwK9kyg
	i7Ko+ovOZ3DbAKiRGH4TF24yPgBUulK0BfGBU54ZaQZ+vrQki69Eh1ygjy4eyQt234TkstrdoDb
	BqtQyx4kwc8WsR7fSUHz5E4Xs3DtKKFq7I6k/Y5clR0QvUEUmvfYmg+NHV92nTxb6GoTowYIHVO
	S2TmFvYosrimd2G0Q1tmE+4K0u7GscVOuAU2uUlnhv2YBl6t7h0VhiO+s+175d+8xOahWlhnBTP
	TMWXnXVz1cLtji3mRPj5sMoSXZLjM/nYkGz/+Gy8XDWcUjtyheyirf2X5bGJzYpdIb
X-Received: by 2002:a05:600c:64c6:b0:485:34a2:919e with SMTP id 5b1f17b1804b1-487160a681bmr40017505e9.33.1774434041701;
        Wed, 25 Mar 2026 03:20:41 -0700 (PDT)
Received: from pumpkin (82-69-66-36.dsl.in-addr.zen.co.uk. [82.69.66.36])
        by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-487116ee562sm131565125e9.15.2026.03.25.03.20.41
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Wed, 25 Mar 2026 03:20:41 -0700 (PDT)
Date: Wed, 25 Mar 2026 10:20:39 +0000
From: David Laight <david.laight.linux@gmail.com>
To: Andrew Morton <akpm@linux-foundation.org>
Cc: "Masami Hiramatsu (Google)" <mhiramat@kernel.org>, Petr Mladek
 <pmladek@suse.com>, Steven Rostedt <rostedt@goodmis.org>, Andy Shevchenko
 <andriy.shevchenko@linux.intel.com>, Rasmus Villemoes
 <linux@rasmusvillemoes.dk>, Sergey Senozhatsky <senozhatsky@chromium.org>,
 linux-kernel@vger.kernel.org
Subject: Re: [PATCH v4 0/2] lib/vsprintf: Fixes size check
Message-ID: <20260325102039.79afa79a@pumpkin>
In-Reply-To: <20260324220458.3ca2bfeb393eedb5cc7ff52d@linux-foundation.org>
References: <177440550682.147866.1854734911195480940.stgit@devnote2>
	<20260324220458.3ca2bfeb393eedb5cc7ff52d@linux-foundation.org>
X-Mailer: Claws Mail 4.1.1 (GTK 3.24.38; arm-unknown-linux-gnueabihf)
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

On Tue, 24 Mar 2026 22:04:58 -0700
Andrew Morton <akpm@linux-foundation.org> wrote:

> On Wed, 25 Mar 2026 11:25:06 +0900 "Masami Hiramatsu (Google)" <mhiramat@kernel.org> wrote:
> 
> > Here is the 4th version of patches to fix vsnprintf().
> > 
> >  - Fix to limit the size of width and precision.
> >  - Warn if the return size is over INT_MAX.
> > 
> > Previous version is here;
> > 
> > https://lore.kernel.org/all/177410406326.38798.16853803119128725972.stgit@devnote2/
> > 
> > In this version, do clamp() the width and precision before checking it and
> > accept negative precision[1/3] and add Petr's Reviewed-by[2/2].  
> 
> AI review has flagged a couple of possible issues:
> 	https://sashiko.dev/#/patchset/177440550682.147866.1854734911195480940.stgit@devnote2

I'd guess there are exactly 0 places where a negative precision is passed
to "%.*s" - if there were any someone would have complained about the
output being missing.
Checking all 759 cases grep -r '".*%.*\.%*s.*"' found will be tedious.
But pretty much all are 'namelen'.

In any case worst thing should be a panic if the code hits an invalid
address before finding a '\0' byte - probably unlikely anyway.

I'd fix it, but try to stop it being backported.

	David