[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH 3/3] Use NT Safe String printf in log.c

To: win-pv-devel@xxxxxxxxxxxxxxxxxxxx
From: Owen Smith <owen.smith@xxxxxxxxxx>
Date: Thu, 19 Feb 2026 14:39:53 +0000
Cc: Owen Smith <owen.smith@xxxxxxxxxx>
Delivery-date: Thu, 19 Feb 2026 14:40:06 +0000
List-id: Developer list for the Windows PV Drivers subproject <win-pv-devel.lists.xenproject.org>

CodeQL generates a warning about using sprintf(). Switch to using
RtlStringCbPrintf() when formatting debug messages.

Signed-off-by: Owen Smith <owen.smith@xxxxxxxxxx>
---
 src/xencrsh/log.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/xencrsh/log.c b/src/xencrsh/log.c
index a1e8a5a..dd91d5e 100644
--- a/src/xencrsh/log.c
+++ b/src/xencrsh/log.c
@@ -34,6 +34,7 @@
 #include "driver.h"
 #include "assert.h"
 #include <stdio.h>
+#include <ntstrsafe.h>
 
 static PVOID Port12 = ((PVOID)(ULONG_PTR)0x12);
 
@@ -254,8 +255,7 @@ LogVDebug(
 {
     static CHAR Buffer[256];
 
-#pragma warning(suppress : 28719) // SDV
-    sprintf(Buffer, "%s|%s|%s:", Module, __Mode(), Function);
+    RtlStringCbPrintfA(Buffer, sizeof(Buffer), "%s|%s|%s:", Module, __Mode(), 
Function);
     Buffer[255] = 0;
 
     vDbgPrintExWithPrefix(Buffer,
-- 
2.51.2.windows.1

Follow-Ups:
- Re: [PATCH 3/3] Use NT Safe String printf in log.c
  - From: Tu Dinh

References:
- [PATCH 1/3] XenDisk: Report Discard support by issuing an Inquiry
  - From: Owen Smith

Prev by Date: [PATCH 2/3] Refactor Features and DiskInfo
Next by Date: Re: [PATCH 3/3] Use NT Safe String printf in log.c
Previous by thread: Re: [PATCH 2/3] Refactor Features and DiskInfo
Next by thread: Re: [PATCH 3/3] Use NT Safe String printf in log.c
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.