From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id D17DAEB64DB for ; Tue, 20 Jun 2023 15:07:33 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233571AbjFTPHc (ORCPT ); Tue, 20 Jun 2023 11:07:32 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:40412 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233523AbjFTPH1 (ORCPT ); Tue, 20 Jun 2023 11:07:27 -0400 Received: from mga01.intel.com (mga01.intel.com [192.55.52.88]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id EB98CDC for ; Tue, 20 Jun 2023 08:07:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1687273646; x=1718809646; h=date:from:to:cc:subject:message-id:references: mime-version:content-transfer-encoding:in-reply-to; bh=dKDmJjt7XJnSsECb/w05H37T93Rv7V4QnXaN44SoXng=; b=lhqzoryXz0lRnnDb3RoKeX7kc84FNAKV3QWauRN8aFEVsr/Rl23NqkoQ r2zJn2EmYnZ4aKzGHabk3GrKy3EnYbwqhr7e7akAPTHcobIJlYUqbV0ZJ 2+jsYixRmtoNr64eZF34boONiYMgtzlYbXc69ZV+fHJChepT10jv/McOr f8IteT8RZCAIgLqThWVSxP0raa/GttcI1qw1HkRSg5B5dne6SHiWtGqUI tKkSWeCU8aDVLbLvMJnq/x9X7pZxVxXkq2NAVkBoWDQCBu504dsQtnD5f qRh5Ph79KTZxgKSiVMinyZAqVfUd28VPHGyze+V5MgkyfhuNSZV+8KiIn g==; X-IronPort-AV: E=McAfee;i="6600,9927,10747"; a="389158038" X-IronPort-AV: E=Sophos;i="6.00,257,1681196400"; d="scan'208";a="389158038" Received: from orsmga002.jf.intel.com ([10.7.209.21]) by fmsmga101.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 20 Jun 2023 08:05:54 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10747"; a="714071011" X-IronPort-AV: E=Sophos;i="6.00,257,1681196400"; d="scan'208";a="714071011" Received: from smile.fi.intel.com ([10.237.72.54]) by orsmga002.jf.intel.com with ESMTP; 20 Jun 2023 08:05:17 -0700 Received: from andy by smile.fi.intel.com with local (Exim 4.96) (envelope-from ) id 1qBcux-005Hbs-04; Tue, 20 Jun 2023 18:05:15 +0300 Date: Tue, 20 Jun 2023 18:05:14 +0300 From: Andy Shevchenko To: Petr Mladek Cc: David Laight , 'Demi Marie Obenour' , Alexey Dobriyan , "linux-kernel@vger.kernel.org" , Rasmus Villemoes , Hans de Goede , Mauro Carvalho Chehab , Sakari Ailus , Greg Kroah-Hartman , Juergen Gross , Stefano Stabellini , Oleksandr Tyshchenko , Lee Jones , Andy Lutomirski , Thomas Gleixner , Vincenzo Frascino , Steven Rostedt , Sergey Senozhatsky Subject: Re: [PATCH v3 0/4] Make sscanf() stricter Message-ID: References: <23df90dd35874fd89c64906e6a6de164@AcuMS.aculab.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: Organization: Intel Finland Oy - BIC 0357606-4 - Westendinkatu 7, 02160 Espoo Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Jun 20, 2023 at 04:57:55PM +0200, Petr Mladek wrote: > On Tue 2023-06-20 16:52:42, Andy Shevchenko wrote: > > On Tue, Jun 20, 2023 at 03:34:09PM +0200, Petr Mladek wrote: > > > On Thu 2023-06-15 14:23:59, Andy Shevchenko wrote: > > > > On Thu, Jun 15, 2023 at 08:06:46AM +0000, David Laight wrote: ... > > > + %pj or another %p modifiers would be hard to understand either. > > > > > > Yes, we have %pe but I think that only few people really use it. > > > And it is kind of self-explanatory because it is typically > > > used together with ERR_PTR() and with variables called > > > "err" or "ret". > > > > j, besides the luck of no (yet) use in the kernel's printf(), is > > described for printf(3) > > > > j A following integer conversion corresponds to an intmax_t or uintmax_t > > argument, or a following n conversion corresponds to a pointer to an > > intmax_t argument. > > I see, I have missed this coincidence. And we would really need to use %pj. > %jd requires intmax_t variable. Otherwise, the compiler produces: > > kernel/lib/test.c:10:17: error: format ‘%jd’ expects argument of type ‘intmax_t *’, but argument 3 has type ‘int *’ [-Werror=format=] > sscanf(str, "%jd hello.", &tmp); > > Hmm, %pj might even make some sense for sscanf() which requires pointers anyway. > But still, we would lose the compiler check of the size of the passed > buffer. > > This is actually my concern with many other %p modifiers. The compiler > is not able to check that we pass the right pointer. I know that this > might happen even with wrong buffer passed to %s or so. But number > types is another category. Yeah, it was a discussion IIRC for the compiler plugin to support %p extensions, but I have no idea where it's now. > > So, I think among all proposals, this one is the best (while all of them may > > sound not good). > > I still prefer the custom handler when it is not too complex. > > Or if there are many users, we could create sscanf_strict() or so. -- With Best Regards, Andy Shevchenko