From mboxrd@z Thu Jan 1 00:00:00 1970
From: Claude Code Review Bot
To: dri-devel-reviews@example.com
Subject: Claude review: Re: [PATCH] staging: fbtft: replace sprintf with snprintf
Date: Thu, 04 Jun 2026 14:40:17 +1000
Message-ID:
In-Reply-To: <2026060110-unlisted-headache-aec7@gregkh>
References: <2026060110-unlisted-headache-aec7@gregkh> <2026060110-unlisted-headache-aec7@gregkh>
X-Mailer: Claude Code Patch Reviewer
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0

Patch Review

**Correctness: The change is functionally correct.**

The buffers are declared at lines 734-735:

```c
char text1[50] = "";
char text2[50] = "";
```

The patch correctly uses `sizeof(text1)` and `sizeof(text2)` as the size arguments, which resolve to 50 since these are stack-allocated arrays (not pointers). The format strings and arguments are preserved correctly.

**Observations:**

1. **Low practical risk from the original code**: The `text1` format `", %zu KiB buffer memory"` with a `size_t` value shifted right by 10 bits will produce at most ~30 characters (e.g. `", 4294967295 KiB buffer memory"` is 31 chars). Similarly, `text2` with `", spi%d.%d at %d MHz"` will realistically fit well within 50 bytes. There is no actual buffer overflow risk here — the `sprintf` calls are safe given the buffer sizes and value ranges. This is a cleanup, not a bug fix, despite the commit message claiming "potential buffer overflow."

2. **Preferred kernel alternative**: The current kernel community preference for this kind of cleanup is `scnprintf()` rather than `snprintf()`. `scnprintf()` returns the number of characters actually written (excluding the null terminator), which is generally more useful and avoids off-by-one confusion with the return value. However, since the return values are not used here, `snprintf()` is functionally equivalent and acceptable.

3. **Style nit**: The reformatted `snprintf` for `text2` has correct alignment — the continuation arguments are aligned to the opening parenthesis, which follows kernel coding style.

**Verdict**: The code change itself is fine as a minor cleanup, but the patch would need to be resubmitted with: (a) a proper commit message explaining the rationale, (b) the patch sent inline (not as an attachment), (c) a real name on the Signed-off-by, and (d) use of `git send-email`. The commit message should also not overstate the risk — this is a style/hardening cleanup, not fixing an actual overflow.

---
Generated by Claude Code Patch Reviewer
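
The return-value difference from observation 2 and the buffer headroom from observation 1 can be checked in userspace with the sketch below, which is an added example and not code from the patch, the driver, or the review above. `scnprintf_user` is a hypothetical userspace stand-in for the kernel's `scnprintf()`, and the worst-case arguments (`SIZE_MAX >> 10`, `INT_MIN`) are assumptions chosen to maximise output length for the two format strings quoted in the review.

```c
#include <limits.h>
#include <stdarg.h>
#include <stdint.h>
#include <stdio.h>

#define TEXT_BUF 50 /* size of text1/text2 as quoted in the review */

/* Hypothetical userspace stand-in for the kernel's scnprintf(): returns the
 * number of characters actually stored in buf, excluding the NUL. */
static int scnprintf_user(char *buf, size_t size, const char *fmt, ...)
{
	va_list ap;
	int n;

	va_start(ap, fmt);
	n = vsnprintf(buf, size, fmt, ap);
	va_end(ap);
	if (size == 0 || n < 0)
		return 0;
	return (size_t)n < size ? n : (int)(size - 1);
}

/* snprintf(NULL, 0, ...) writes nothing and returns the length the complete
 * output would need, so it measures the worst case for each format. */
static int text1_worst_len(void)
{
	return snprintf(NULL, 0, ", %zu KiB buffer memory", (size_t)SIZE_MAX >> 10);
}

static int text2_worst_len(void)
{
	return snprintf(NULL, 0, ", spi%d.%d at %d MHz", INT_MIN, INT_MIN, INT_MIN);
}

/* Same constructed arguments into a caller-supplied (possibly too small)
 * buffer: snprintf reports the would-be length, scnprintf the stored one. */
static int snprintf_ret(char *buf, size_t size)
{
	return snprintf(buf, size, ", spi%d.%d at %d MHz", 0, 0, 32);
}

static int scnprintf_ret(char *buf, size_t size)
{
	return scnprintf_user(buf, size, ", spi%d.%d at %d MHz", 0, 0, 32);
}

int main(void)
{
	char small[16]; /* deliberately smaller than the 18-character output */

	printf("text1 worst case: %d of %d bytes\n", text1_worst_len() + 1, TEXT_BUF);
	printf("text2 worst case: %d of %d bytes\n", text2_worst_len() + 1, TEXT_BUF);
	printf("snprintf=%d ", snprintf_ret(small, sizeof(small)));
	printf("scnprintf=%d stored=\"%s\"\n", scnprintf_ret(small, sizeof(small)), small);
	return 0;
}
```

Code that advances a write offset by the `snprintf()` return value would step past the end of `small` here, which is the off-by-one class of confusion the review attributes to that return value.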