Re: [PATCH 08/12] cdrom: use correct format characters

netfilter-devel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Phillip Potter <phil@philpotter.co.uk>
To: Bill Wendling <morbo@google.com>
Cc: isanbard@gmail.com, Tony Luck <tony.luck@intel.com>,
	Borislav Petkov <bp@alien8.de>,
	Thomas Gleixner <tglx@linutronix.de>,
	Ingo Molnar <mingo@redhat.com>,
	Dave Hansen <dave.hansen@linux.intel.com>,
	x86@kernel.org, "H. Peter Anvin" <hpa@zytor.com>,
	Phillip Potter <phil@philpotter.co.uk>,
	Arnd Bergmann <arnd@arndb.de>,
	Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	"Rafael J. Wysocki" <rafael.j.wysocki@intel.com>,
	Jan Kara <jack@suse.com>,
	Andrew Morton <akpm@linux-foundation.org>,
	Pablo Neira Ayuso <pablo@netfilter.org>,
	Jozsef Kadlecsik <kadlec@netfilter.org>,
	Florian Westphal <fw@strlen.de>,
	"David S. Miller" <davem@davemloft.net>,
	Eric Dumazet <edumazet@google.com>,
	Jakub Kicinski <kuba@kernel.org>, Paolo Abeni <pabeni@redhat.com>,
	Jaroslav Kysela <perex@perex.cz>, Takashi Iwai <tiwai@suse.com>,
	Nathan Chancellor <nathan@kernel.org>,
	Nick Desaulniers <ndesaulniers@google.com>,
	Tom Rix <trix@redhat.com>,
	Ross Philipson <ross.philipson@oracle.com>,
	Daniel Kiper <daniel.kiper@oracle.com>,
	linux-edac@vger.kernel.org, linux-kernel@vger.kernel.org,
	linux-acpi@vger.kernel.org, linux-mm@kvack.org,
	netfilter-devel@vger.kernel.org, coreteam@netfilter.org,
	netdev@vger.kernel.org, alsa-devel@alsa-project.org,
	llvm@lists.linux.dev
Subject: Re: [PATCH 08/12] cdrom: use correct format characters
Date: Sun, 12 Jun 2022 17:23:47 +0100	[thread overview]
Message-ID: <YqYTExy0IpVbunBL@equinox> (raw)
In-Reply-To: <20220609221702.347522-9-morbo@google.com>

On Thu, Jun 09, 2022 at 10:16:27PM +0000, Bill Wendling wrote:
> From: Bill Wendling <isanbard@gmail.com>
> 
> When compiling with -Wformat, clang emits the following warnings:
> 
> drivers/cdrom/cdrom.c:3454:48: error: format string is not a string literal (potentially insecure) [-Werror,-Wformat-security]
>         ret = scnprintf(info + *pos, max_size - *pos, header);
>                                                       ^~~~~~
> 
> Use a string literal for the format string.
> 
> Link: https://github.com/ClangBuiltLinux/linux/issues/378
> Signed-off-by: Bill Wendling <isanbard@gmail.com>
> ---
>  drivers/cdrom/cdrom.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/drivers/cdrom/cdrom.c b/drivers/cdrom/cdrom.c
> index 416f723a2dbb..52b40120c76e 100644
> --- a/drivers/cdrom/cdrom.c
> +++ b/drivers/cdrom/cdrom.c
> @@ -3451,7 +3451,7 @@ static int cdrom_print_info(const char *header, int val, char *info,
>  	struct cdrom_device_info *cdi;
>  	int ret;
>  
> -	ret = scnprintf(info + *pos, max_size - *pos, header);
> +	ret = scnprintf(info + *pos, max_size - *pos, "%s", header);
>  	if (!ret)
>  		return 1;
>  
> -- 
> 2.36.1.255.ge46751e96f-goog
> 

Hi Bill,

Thank you for the patch, much appreciated.

Looking at this though, all callers of cdrom_print_info() provide 'header'
as a string literal defined within the driver, when making the call.
Therefore, I'm not convinced this change is necessary for cdrom.c -
that said, in this particular use case I don't think it would hurt
either.

I've followed the other responses on parts of this series, so I
understand that a different solution is potentially in the works.
Thought I'd respond anyway though out of courtesy.

All the best,
Phil (Uniform CDROM Maintainer)

next prev parent reply	other threads:[~2022-06-12 16:23 UTC|newest]

Thread overview: 34+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-06-09 22:16 [PATCH 00/12] Clang -Wformat warning fixes Bill Wendling
2022-06-09 22:16 ` [PATCH 01/12] x86/mce: use correct format characters Bill Wendling
2022-06-09 23:14   ` Randy Dunlap
2022-06-09 23:18     ` Bill Wendling
2022-06-09 22:16 ` [PATCH 02/12] x86/CPU/AMD: " Bill Wendling
2022-06-09 22:16 ` [PATCH 03/12] x86/e820: " Bill Wendling
2022-06-09 22:16 ` [PATCH 04/12] blk-cgroup: " Bill Wendling
2022-06-10  8:10   ` Christoph Hellwig
2022-06-09 22:16 ` [PATCH 05/12] fs: quota: " Bill Wendling
2022-06-09 22:16 ` [PATCH 06/12] PNP: " Bill Wendling
2022-06-09 22:16 ` [PATCH 07/12] driver/char: " Bill Wendling
2022-06-10  5:18   ` Greg Kroah-Hartman
2022-06-13 18:40     ` Bill Wendling
2022-06-09 22:16 ` [PATCH 08/12] cdrom: " Bill Wendling
2022-06-12 16:23   ` Phillip Potter [this message]
2022-06-13 18:47     ` Bill Wendling
2022-06-09 22:16 ` [PATCH 09/12] ALSA: seq: " Bill Wendling
2022-06-09 22:16 ` [PATCH 10/12] " Bill Wendling
2022-06-09 22:16 ` [PATCH 11/12] ALSA: control: " Bill Wendling
2022-06-09 22:16 ` [PATCH 12/12] netfilter: conntrack: " Bill Wendling
2022-06-20 14:44   ` Pablo Neira Ayuso
2022-07-11 14:35   ` Pablo Neira Ayuso
2022-06-09 22:25 ` [PATCH 00/12] Clang -Wformat warning fixes Andrew Morton
2022-06-09 22:49   ` Bill Wendling
2022-06-09 23:03     ` Jan Engelhardt
2022-06-09 23:16       ` Bill Wendling
2022-06-10  1:19         ` Andrew Morton
2022-06-10  5:20         ` Greg Kroah-Hartman
2022-06-10 12:44           ` Joe Perches
2022-06-10  8:17     ` David Laight
2022-06-10  8:32       ` Jan Engelhardt
2022-06-10  9:14         ` David Laight
2022-06-10  9:22           ` Jan Engelhardt
2022-06-10  0:32   ` Nick Desaulniers

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=YqYTExy0IpVbunBL@equinox \
    --to=phil@philpotter.co.uk \
    --cc=akpm@linux-foundation.org \
    --cc=alsa-devel@alsa-project.org \
    --cc=arnd@arndb.de \
    --cc=bp@alien8.de \
    --cc=coreteam@netfilter.org \
    --cc=daniel.kiper@oracle.com \
    --cc=dave.hansen@linux.intel.com \
    --cc=davem@davemloft.net \
    --cc=edumazet@google.com \
    --cc=fw@strlen.de \
    --cc=gregkh@linuxfoundation.org \
    --cc=hpa@zytor.com \
    --cc=isanbard@gmail.com \
    --cc=jack@suse.com \
    --cc=kadlec@netfilter.org \
    --cc=kuba@kernel.org \
    --cc=linux-acpi@vger.kernel.org \
    --cc=linux-edac@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-mm@kvack.org \
    --cc=llvm@lists.linux.dev \
    --cc=mingo@redhat.com \
    --cc=morbo@google.com \
    --cc=nathan@kernel.org \
    --cc=ndesaulniers@google.com \
    --cc=netdev@vger.kernel.org \
    --cc=netfilter-devel@vger.kernel.org \
    --cc=pabeni@redhat.com \
    --cc=pablo@netfilter.org \
    --cc=perex@perex.cz \
    --cc=rafael.j.wysocki@intel.com \
    --cc=ross.philipson@oracle.com \
    --cc=tglx@linutronix.de \
    --cc=tiwai@suse.com \
    --cc=tony.luck@intel.com \
    --cc=trix@redhat.com \
    --cc=x86@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).