Re: [PATCH 08/12] cdrom: use correct format characters
From: Phillip Potter
Date: Sun Jun 12 2022 - 12:23:59 EST
On Thu, Jun 09, 2022 at 10:16:27PM +0000, Bill Wendling wrote:
> From: Bill Wendling <isanbard@xxxxxxxxx>
>
> When compiling with -Wformat, clang emits the following warnings:
>
> drivers/cdrom/cdrom.c:3454:48: error: format string is not a string literal (potentially insecure) [-Werror,-Wformat-security]
> ret = scnprintf(info + *pos, max_size - *pos, header);
> ^~~~~~
>
> Use a string literal for the format string.
>
> Link: https://github.com/ClangBuiltLinux/linux/issues/378
> Signed-off-by: Bill Wendling <isanbard@xxxxxxxxx>
> ---
> drivers/cdrom/cdrom.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/cdrom/cdrom.c b/drivers/cdrom/cdrom.c
> index 416f723a2dbb..52b40120c76e 100644
> --- a/drivers/cdrom/cdrom.c
> +++ b/drivers/cdrom/cdrom.c
> @@ -3451,7 +3451,7 @@ static int cdrom_print_info(const char *header, int val, char *info,
> struct cdrom_device_info *cdi;
> int ret;
>
> - ret = scnprintf(info + *pos, max_size - *pos, header);
> + ret = scnprintf(info + *pos, max_size - *pos, "%s", header);
> if (!ret)
> return 1;
>
> --
> 2.36.1.255.ge46751e96f-goog
>
Hi Bill,
Thank you for the patch, much appreciated.
Looking at this though, all callers of cdrom_print_info() provide 'header'
as a string literal defined within the driver, when making the call.
Therefore, I'm not convinced this change is necessary for cdrom.c -
that said, in this particular use case I don't think it would hurt
either.
I've followed the other responses on parts of this series, so I
understand that a different solution is potentially in the works.
Thought I'd respond anyway though out of courtesy.
All the best,
Phil (Uniform CDROM Maintainer)