On Wednesday, March 11, 2020 8:09:58 AM CET Takashi Iwai wrote: > Since snprintf() returns the would-be-output size instead of the > actual output size, the succeeding calls may go beyond the given > buffer limit. Fix it by replacing with scnprintf(). > > Signed-off-by: Takashi Iwai <tiwai@xxxxxxx> > --- > drivers/acpi/pci_root.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/drivers/acpi/pci_root.c b/drivers/acpi/pci_root.c > index d1e666ef3fcc..f92df2533e7e 100644 > --- a/drivers/acpi/pci_root.c > +++ b/drivers/acpi/pci_root.c > @@ -153,7 +153,7 @@ static void decode_osc_bits(struct acpi_pci_root *root, char *msg, u32 word, > buf[0] = '\0'; > for (i = 0, entry = table; i < size; i++, entry++) > if (word & entry->bit) > - len += snprintf(buf + len, sizeof(buf) - len, "%s%s", > + len += scnprintf(buf + len, sizeof(buf) - len, "%s%s", > len ? " " : "", entry->desc); > > dev_info(&root->device->dev, "_OSC: %s [%s]\n", msg, buf); > Applied as 5.7 material, thanks!
