On Sun, Mar 22, 2020 at 10:09:11AM +0100, Takashi Iwai wrote: > snprintf() is a hard-to-use function, and it's especially difficult to > use it properly for concatenating substrings in a buffer with a > limited size. Since snprintf() returns the would-be-output size, not > the actual size, the subsequent use of snprintf() may point to the > incorrect position easily. Also, returning the value from snprintf() > directly to sysfs show function would pass a bogus value that is > higher than the actually truncated string. > > That said, although the current code doesn't actually overflow the > buffer with PAGE_SIZE, it's a usage that shouldn't be done. Or it's > worse; this gives a wrong confidence as if it were doing safe > operations. > > This patch replaces such snprintf() calls with a safer version, > scnprintf(). It returns the actual output size, hence it's more > intuitive and the code does what's expected. Thanks, added to patch queue.
