Hi Yang 'or sprintf' in the subject line doesn't make much sense for what's done in this patch. Perhaps you meant "Use scnprintf instead of snprintf"?
On 12/22/20 17:11, YANG LI wrote: > The snprintf() function returns the number of characters which would > have been printed if there were enough space, but the scnprintf() > returns the number of characters which were actually printed. If the > buffer is not large enough, then using snprintf() would result in a > read overflow and an information leak. > > Signed-off-by: YANG LI <abaci-bug...@linux.alibaba.com> > Reported-by: Abaci <ab...@linux.alibaba.com> Two different yet very similar email addresses, it seems both are you? The Reported-by is unnecessary. > --- > kernel/cpu.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/kernel/cpu.c b/kernel/cpu.c > index 4e11e91..c123741 100644 > --- a/kernel/cpu.c > +++ b/kernel/cpu.c > @@ -2345,7 +2345,7 @@ static ssize_t show_cpuhp_states(struct device *dev, > { > const char *state = smt_states[cpu_smt_control]; > > - return snprintf(buf, PAGE_SIZE - 2, "%s\n", state); > + return scnprintf(buf, PAGE_SIZE - 2, "%s\n", state); show_cpuhp_states() doesn't have snprintf() in Linus' master. Which tree is this based on? I can see two snprintf() in cpu.c, show_smt_active/control(). Mind resend to fix them both? Thanks -- Qais Yousef