On 05.08.2019 15:29, Julien Grall wrote:
> @@ -1261,14 +1259,15 @@ void debugtrace_printk(const char *fmt, ...)
> ASSERT(debugtrace_buf[debugtrace_bytes - 1] == 0);
>
> va_start(args, fmt);
> - vsnprintf(buf, sizeof(buf), fmt, args);
> + nr = vscnprintf(buf, sizeof(buf), fmt, args);
> va_end(args);
>
> if ( debugtrace_send_to_console )
> {
> - snprintf(cntbuf, sizeof(cntbuf), "%u ", ++count);
> - serial_puts(sercon_handle, cntbuf);
> - serial_puts(sercon_handle, buf);
> + unsigned int n = snprintf(cntbuf, sizeof(cntbuf), "%u ", ++count);
While - given the size of cntbuf - the difference is mostly
benign, you using vscnprintf() above calls for you also
using scnprintf() here.
> --- a/xen/include/xen/video.h
> +++ b/xen/include/xen/video.h
> @@ -13,11 +13,11 @@
>
> #ifdef CONFIG_VIDEO
> void video_init(void);
> -extern void (*video_puts)(const char *);
> +extern void (*video_puts)(const char *, size_t nr);
> void video_endboot(void);
> #else
> #define video_init() ((void)0)
> -#define video_puts(s) ((void)0)
> +#define video_puts(s, nr) ((void)0)
While I don't think there's overly much risk of "s" getting an
argument with side effects passed, I think that for "nr" the
risk is there. May I ask that you evaluate both here, just in
case?
Preferably with these adjustments
Reviewed-by: Jan Beulich <jbeul...@suse.com>
Jan
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
