1. Patchew
  2. linux
  3. View series

[PATCH] net: 6lowpan: replace sprintf() with scnprintf() in debugfs

Kathara Sasikumar posted 1 patch 1 week, 3 days ago 
net/6lowpan/debugfs.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
[PATCH] net: 6lowpan: replace sprintf() with scnprintf() in debugfs
Posted by Kathara Sasikumar 1 week, 3 days ago 
sprintf() does not perform bounds checking on the destination buffer and
is deprecated in the kernel as documented in
Documentation/process/deprecated.rst.

Replace it with scnprintf() to ensure the write stays within bounds.

No functional change intended.

Signed-off-by: Kathara Sasikumar <katharasasikumar007@gmail.com>
---
 net/6lowpan/debugfs.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/net/6lowpan/debugfs.c b/net/6lowpan/debugfs.c
index 600b9563bfc5..d45ace484143 100644
--- a/net/6lowpan/debugfs.c
+++ b/net/6lowpan/debugfs.c
@@ -173,7 +173,7 @@ static void lowpan_dev_debugfs_ctx_init(struct net_device *dev,
 	if (WARN_ON_ONCE(id >= LOWPAN_IPHC_CTX_TABLE_SIZE))
 		return;
 
-	sprintf(buf, "%d", id);
+	scnprintf(buf, sizeof(buf), "%d", id);
 
 	root = debugfs_create_dir(buf, ctx);
 
-- 
2.51.0
Re: [PATCH] net: 6lowpan: replace sprintf() with scnprintf() in debugfs
Posted by Simon Horman 1 week, 2 days ago 
On Fri, Dec 05, 2025 at 05:53:24PM +0000, Kathara Sasikumar wrote:
> sprintf() does not perform bounds checking on the destination buffer and
> is deprecated in the kernel as documented in
> Documentation/process/deprecated.rst.

Hi Kathara,

Thanks for your patch.

While I do see this mentioned at [1], and I do agree with the approach
taken here, I don't see it mentioned in deprecated.rst in net-next or
Linus' tree.

[1] https://lwn.net/Articles/69419/
[2] https://lore.kernel.org/netdev/20251017094954.1402684-1-wintera@linux.ibm.com/

> 
> Replace it with scnprintf() to ensure the write stays within bounds.
> 
> No functional change intended.
> 
> Signed-off-by: Kathara Sasikumar <katharasasikumar007@gmail.com>

This patch looks like it should be targeted at net-next,
and that should be done like this.

Subject: [PATCH net-next] ...

But unfortunately net-next is currently closed.

## Form letter - net-next-closed

The merge window for v6.19 has begun and therefore net-next has closed
for new drivers, features, code refactoring and optimizations. We are
currently accepting bug fixes only.

Please repost when net-next reopens.

Due to a combination of the merge-window, travel commitments of the
maintainers, and the holiday season, net-next will re-open after
2nd January.

RFC patches sent for review only are welcome at any time.

See: https://www.kernel.org/doc/html/next/process/maintainer-netdev.html#development-cycle

-- 
pw-bot: changes-requested

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.