Re: [PATCH] staging: greybus: gbphy: replaced sprintf() with sysfs_emit()

Next message: Andy Shevchenko: "Re: [PATCH v1 1/1] nfs/blocklayout: Fix compilation error (`make W=1`) in bl_write_pagelist()"
Previous message: syzbot: "Re: [syzbot] [net?] kernel BUG in fib6_add_rt2node (2)"
In reply to: Neel Bullywon: "[PATCH] staging: greybus: gbphy: replaced sprintf() with sysfs_emit()"
Next in thread: Greg Kroah-Hartman: "Re: [PATCH] staging: greybus: gbphy: replaced sprintf() with sysfs_emit()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Dan Carpenter

Date: Wed Feb 04 2026 - 04:46:41 EST

On Tue, Feb 03, 2026 at 04:22:54PM -0500, Neel Bullywon wrote:
> Replaced sprintf() with sysfs_emit in the protocol_id_show() sysfs
> attribute func to prevent any potential buffer overflows

There are no buffer overflows here. buf is PAGE_SIZE so it's more
than large enough. I like this change, but the commit message
implies there is a potential buffer overflow and that's wrong.

Say something like: "This code is safe, but replace sprintf()
with sysfs_emit() because we are trying to get rid of calls to
sprintf() as part of kernel hardenning and sysfs_emit() is more
appropriate in this context".

>
> This is to ensure a kernel-wide migration to safer string formatting
> functions for sysfs handlers
>
> This was compile-tested only (no VM/hardware used)

Don't put this sort of comment in the commit message. Put it under the
--- cut off line.

>
> Signed-off-by: Neel Bullywon <neelb2403@xxxxxxxxx>
> ---
^^^
Here.

regards,
dan carpenter