Attention is currently required from: Dmitry Zhadinets.

Peter Marheine has posted comments on this change by Dmitry Zhadinets. ( https://review.coreboot.org/c/flashrom/+/86875?usp=email )

Change subject: libflashrom: Update the API for Logger Callback ......................................................................

Patch Set 8:

(1 comment)

File libflashrom.c:

https://review.coreboot.org/c/flashrom/+/86875/comment/c9766ae2_273eecd4?usp... : PS4, Line 59: /* Dynamic messages and double formatting may not be ideal, : as they are slow. It would be better to limit the message : size to a fixed value (e.g., char message[1024] = {0};). */

Peter, I wanted to check, do you agree with how this ended up looking like? No dynamic allocation, h […]

Returning an error seems like an okay start, but in practical terms that's nearly the same as silently dropping the message because most uses of logging don't bother to check the return value (and I think that's reasonable because checking it would lead to much messier code).

As a compromise, I'd suggest truncating the message and if it does get truncated then also log a note that the previous message was truncated. To give users a knob to twiddle in case they really want to be able to handle long messages, I would also make the buffer size a compile-time option.

``` char message[LOG_MESSAGE_LENGTH_LIMIT];

int actual_len = vsnprintf(message, sizeof(message), format, args); global_log_callback_v2(level, message, global_log_user_data);

if (actual_len >= sizeof(message)) { snprintf(message, sizeof(message), "%d characters were truncated from the previous log message", actual_len - sizeof(message) + 1); global_log_callback_v2(FLASHROM_MSG_WARN, message, global_log_user_data); } ```