* Ricardo Neri <ricardo.neri-calde...@linux.intel.com> wrote: > > > + snprintf(warn, sizeof(warn), "%s %s", umip_insns[umip_inst], > > > + umip_warn_use); > > > > This is incredibly fragile against future buffer overflows, and warning > > about it > > in comments does not make it less fragile! > > I need to concatenate the instruction mnemonic with the a string. Does > something like > this is more acceptable? > > unsigned char warn[50]; > > ... > > strcpy(warn, umip_insns[umip_inst]); > strcat(warn, " instruction cannot be used by applications."); > umip_pr_warn(regs, warn, 0); > > In this manner I use the string literal directly but I still have a buffer > that might > overflow. Code looks more clear to me. I could #defines for the string > lengths or > set a maximum length.
This is still very fragile. The right solution would be to make umip_pr_warn() a varargs helper function, so that you can just use it to print things the usual way. I'd also use a __attribute__((format(printf))) specification to get good build-time warnings. Thanks, Ingo