On Fri, Oct 13, 2023 at 5:22 AM Andrew Lunn <and...@lunn.ch> wrote:
>
> > - for (i = 0; i < ARRAY_SIZE(tja11xx_hw_stats); i++) {
> > - strncpy(data + i * ETH_GSTRING_LEN,
> > - tja11xx_hw_stats[i].string, ETH_GSTRING_LEN);
> > - }
> > + for (i = 0; i < ARRAY_SIZE(tja11xx_hw_stats); i++)
> > + ethtool_sprintf(&data, "%s", tja11xx_hw_stats[i].string);
> > }
>
> I assume you are using "%s" because tja11xx_hw_stats[i].string cannot
> be trusted as a format string? Is this indicating we need an
> ethtool_puts() ?
Indeed, it would trigger a -Wformat-security warning.
An ethtool_puts() would be useful for this situation.
>
> Andrew
