On Tue, Nov 13, 2007 at 01:48:15PM -0600, Linas Vepstas wrote: > On Mon, Nov 12, 2007 at 05:13:36PM -0700, Alex Chiang wrote: > > + slot->name = kmalloc(8, GFP_KERNEL); > > + sprintf(slot->name, "fake%d", count++); > > Please use snprintf to avoid buffer overruns! Or, since kmalloc can return a 32-byte object at smallest, just allocate 32 bytes and continue using sprintf. fake%d would overflow after 999,999,999,999,999,999,999,999,999 pci devices, by which time we've run the machine out of memory anyway. -- Intel are signing my paycheques ... these opinions are still mine "Bill, look, we understand that you're interested in selling us this operating system, but compare it to ours. We can't possibly take such a retrograde step." - To unsubscribe from this list: send the line "unsubscribe linux-acpi" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
