From: Arnd Bergmann
Sent: 03 December 2023 20:51 On Sun, Dec 3, 2023, at 19:41, Dmitry Torokhov wrote:
On Mon, Nov 27, 2023 at 03:42:06PM -0500, Zack Rusin wrote:
From: Zack Rusin zackr@vmware.com
Make sure vmmouse_data::phys can hold serio::phys (which is 32 bytes) plus an extra string, extend it to 64.
Fixes gcc13 warnings: drivers/input/mouse/vmmouse.c: In function ‘vmmouse_init’: drivers/input/mouse/vmmouse.c:455:53: warning: ‘/input1’ directive output may be truncated writing
7 bytes into a region of size between 1 and 32 [-Wformat-truncation=]
455 | snprintf(priv->phys, sizeof(priv->phys), "%s/input1", | ^~~~~~~ drivers/input/mouse/vmmouse.c:455:9: note: ‘snprintf’ output between 8 and 39 bytes into a
destination of size 32
455 | snprintf(priv->phys, sizeof(priv->phys), "%s/input1", | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 456 | psmouse->ps2dev.serio->phys); | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This simply wastes 32 bytes. It is perfectly fine to truncate phys (which does not happen in real life).
-Wformat-truncation is disabled in normal builds, folks should stop using it with W=1 as well.
It does find real bugs, and we are fairly close to being able to enable it by default once the remaining warnings are all fixed.
It also doesn't waste any memory in this specific case since vmmouse_data is currently at 168 bytes, which gets rounded up to either 192 or 256 bytes anyway. I'd suggest using the minimum size that is large enough though, in this case 39 bytes for the string I guess.
That rather depends on whether any of the earlier char[] lengths have been rounded up to a 'nice' value.
I'd also have thought that dangerous overflows would come from unbounded %s formats, not fixed size strings or integers that are always small.
There really ought to be a sane method of telling gcc not to bleat about snprintf() potentially overflowing the target.
I've tried a few thing but none of them work. IIRC using the result (in some ways) is enough, but neither (void)snprintf(...); or if (snprintf(...)); is enough (but they 'fix' 'warn unused result').
David
Arnd
- Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK Registration No: 1397386 (Wales)