On Wed, Sep 11, 2019 at 12:19:31AM +0530, Rohit Sarkar wrote:
> When the number of bytes to be printed exceeds the limit snprintf
> returns the number of bytes that would have been printed (if there was
> no truncation). This might cause issues, hence use scnprintf which
^^^^^^^^^^^^^^^^^^^^^^^
Nope. The code handles that situation fine so it will not cause issues.
> returns the actual number of bytes printed to buffer always.
>
> Signed-off-by: Rohit Sarkar <rohitsarkar5398@xxxxxxxxx>
> ---
> drivers/staging/rtl8712/rtl871x_ioctl_linux.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/staging/rtl8712/rtl871x_ioctl_linux.c b/drivers/staging/rtl8712/rtl871x_ioctl_linux.c
> index b08b9a191a34..ff5edcaba64d 100644
> --- a/drivers/staging/rtl8712/rtl871x_ioctl_linux.c
> +++ b/drivers/staging/rtl8712/rtl871x_ioctl_linux.c
> @@ -142,7 +142,7 @@ static noinline_for_stack char *translate_scan_wpa(struct iw_request_info *info,
> memset(buf, 0, MAX_WPA_IE_LEN);
> n = sprintf(buf, "wpa_ie=");
> for (i = 0; i < wpa_len; i++) {
> - n += snprintf(buf + n, MAX_WPA_IE_LEN - n,
> + n += scnprintf(buf + n, MAX_WPA_IE_LEN - n,
> "%02x", wpa_ie[i]);
> if (n >= MAX_WPA_IE_LEN)
^^^^^^^^^^^^^^^^^^^
It checks for overflow here. This check is impossible now and doesn't
make sense. The other loop is similar.
> break;
regards,
dan carpenter
_______________________________________________
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxx
http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel
