diff mbox series

[net,v2,2/2] net: usb: asix: ax88772: Increase phy_name size

Message ID 20250319105813.3102076-3-andriy.shevchenko@linux.intel.com (mailing list archive)
State New
Delegated to: Netdev Maintainers
Headers show
Series net: phy: Fix potential string cut when using PHY_ID_FMT | expand

Checks

Context Check Description
netdev/series_format success Posting correctly formatted
netdev/tree_selection success Clearly marked for net
netdev/ynl success Generated files up to date; no warnings/errors; no diff in generated;
netdev/fixes_present fail Series targets non-next tree, but doesn't contain any Fixes tags
netdev/header_inline success No static functions without inline keyword in header files
netdev/build_32bit success Errors and warnings before: 0 this patch: 0
netdev/build_tools success No tools touched, skip
netdev/cc_maintainers success CCed 7 of 7 maintainers
netdev/build_clang success Errors and warnings before: 2 this patch: 2
netdev/verify_signedoff success Signed-off-by tag matches author and committer
netdev/deprecated_api success None detected
netdev/check_selftest success No net selftest shell script
netdev/verify_fixes success No Fixes tag
netdev/build_allmodconfig_warn success Errors and warnings before: 1 this patch: 0
netdev/checkpatch success total: 0 errors, 0 warnings, 0 checks, 27 lines checked
netdev/build_clang_rust success No Rust files in patch. Skipping build
netdev/kdoc success Errors and warnings before: 0 this patch: 0
netdev/source_inline success Was 0 now: 0

Commit Message

Andy Shevchenko March 19, 2025, 10:54 a.m. UTC 
GCC compiler (Debian 14.2.0-17) is not happy about printing
into a short buffer (when build with `make W=1`):

 drivers/net/usb/ax88172a.c: In function ‘ax88172a_reset’:
 include/linux/phy.h:312:20: error: ‘%s’ directive output may be truncated writing up to 60 bytes into a region of size 20 [-Werror=format-truncation=]

Indeed, the buffer size is chosen based on some assumptions, while
in general the assigned name might not fit. Increase the buffer to
cover maximum length of the parameters. With that, change snprintf()
to use sizeof() instead of hard coded number.

Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
---
 drivers/net/usb/ax88172a.c | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

Comments

Andy Shevchenko March 19, 2025, 11:26 a.m. UTC | #1 
On Wed, Mar 19, 2025 at 12:54:34PM +0200, Andy Shevchenko wrote:
> GCC compiler (Debian 14.2.0-17) is not happy about printing
> into a short buffer (when build with `make W=1`):
> 
>  drivers/net/usb/ax88172a.c: In function ‘ax88172a_reset’:
>  include/linux/phy.h:312:20: error: ‘%s’ directive output may be truncated writing up to 60 bytes into a region of size 20 [-Werror=format-truncation=]
> 
> Indeed, the buffer size is chosen based on some assumptions, while
> in general the assigned name might not fit. Increase the buffer to
> cover maximum length of the parameters. With that, change snprintf()
> to use sizeof() instead of hard coded number.

...

>  	if (ret < 0)
>  		goto free;
> -
> +	if (ret >= PHY_MAX_ADDR) {
> +		netdev_err(dev->net, "Invalid PHY ID %x\n", ret);
> +		return -ENODEV;

Oh, I was blindly put what had been suggested, needs a fix, but I will wait for
other comments if any before issuing a v3.

> +	}
Russell King (Oracle) March 19, 2025, 2:43 p.m. UTC | #2 
On Wed, Mar 19, 2025 at 12:54:34PM +0200, Andy Shevchenko wrote:
> GCC compiler (Debian 14.2.0-17) is not happy about printing
> into a short buffer (when build with `make W=1`):
> 
>  drivers/net/usb/ax88172a.c: In function ‘ax88172a_reset’:
>  include/linux/phy.h:312:20: error: ‘%s’ directive output may be truncated writing up to 60 bytes into a region of size 20 [-Werror=format-truncation=]

GCC reckons this can be up to 60 bytes...

>  struct ax88172a_private {
>  	struct mii_bus *mdio;
>  	struct phy_device *phydev;
> -	char phy_name[20];
> +	char phy_name[MII_BUS_ID_SIZE + 3];

MII_BUS_ID_SIZE is sized to 61, and is what is used in struct
mii_bus::id. Why there a +3 here, which seems like a random constant to
make it 64-bit aligned in size. If we have need to increase
MII_BUS_ID_SIZE in the future, this kind of alignment then goes
wrong...

If the intention is to align it to 64-bit then there's surely a better
and future-proof ways to do that.

I'm also surprised that the +3 randomness wasn't described in the
commit message.

> @@ -210,7 +210,10 @@ static int ax88172a_bind(struct usbnet *dev, struct usb_interface *intf)
>  	ret = asix_read_phy_addr(dev, priv->use_embdphy);
>  	if (ret < 0)
>  		goto free;
> -
> +	if (ret >= PHY_MAX_ADDR) {
> +		netdev_err(dev->net, "Invalid PHY ID %x\n", ret);

An address is not a "PHY ID". "Invalid PHY address %d\n" probably makes
more sense, but if you want to keep the hex, then it really should be
%#x or 0x%x to make it clear that e.g. "20" is hex and not decimal.
diff mbox series

Patch

diff --git a/drivers/net/usb/ax88172a.c b/drivers/net/usb/ax88172a.c
index e47bb125048d..df00c62dd538 100644
--- a/drivers/net/usb/ax88172a.c
+++ b/drivers/net/usb/ax88172a.c
@@ -18,7 +18,7 @@ 
 struct ax88172a_private {
 	struct mii_bus *mdio;
 	struct phy_device *phydev;
-	char phy_name[20];
+	char phy_name[MII_BUS_ID_SIZE + 3];
 	u16 phy_addr;
 	u16 oldmode;
 	int use_embdphy;
@@ -210,7 +210,10 @@  static int ax88172a_bind(struct usbnet *dev, struct usb_interface *intf)
 	ret = asix_read_phy_addr(dev, priv->use_embdphy);
 	if (ret < 0)
 		goto free;
-
+	if (ret >= PHY_MAX_ADDR) {
+		netdev_err(dev->net, "Invalid PHY ID %x\n", ret);
+		return -ENODEV;
+	}
 	priv->phy_addr = ret;
 
 	ax88172a_reset_phy(dev, priv->use_embdphy);
@@ -308,7 +311,7 @@  static int ax88172a_reset(struct usbnet *dev)
 		   rx_ctl);
 
 	/* Connect to PHY */
-	snprintf(priv->phy_name, 20, PHY_ID_FMT,
+	snprintf(priv->phy_name, sizeof(priv->phy_name), PHY_ID_FMT,
 		 priv->mdio->id, priv->phy_addr);
 
 	priv->phydev = phy_connect(dev->net, priv->phy_name,