On Fri, Apr 24, 2015 at 11:22:24AM +0000, DHANAPAL, GNANACHANDRAN (G.) wrote: > This patch replaces snprintf instead of sprintf to avoid buffer overflow > > Signed-off-by: Gnanachandran Dhanapal <gdhanapa@xxxxxxxxxxx> > --- > drivers/staging/dgnc/dgnc_mgmt.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/drivers/staging/dgnc/dgnc_mgmt.c b/drivers/staging/dgnc/dgnc_mgmt.c > index b13318a..aa20a66 100644 > --- a/drivers/staging/dgnc/dgnc_mgmt.c > +++ b/drivers/staging/dgnc/dgnc_mgmt.c > @@ -116,7 +116,7 @@ long dgnc_mgmt_ioctl(struct file *file, unsigned int cmd, unsigned long arg) > spin_lock_irqsave(&dgnc_global_lock, flags); > > ddi.dinfo_nboards = dgnc_NumBoards; > - sprintf(ddi.dinfo_version, "%s", DG_PART); > + snprintf(ddi.dinfo_version, strlen(DG_PART)+1, "%s", DG_PART); This change makes no sense. If the original had memory corruption then the new code has memory corruption as well. regards, dan carpenter _______________________________________________ devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxx http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel
