On Mon, 16 Mar 2020 12:20:26 -0400 Brian Masney <masneyb@xxxxxxxxxxxxx> wrote: > On Mon, Mar 16, 2020 at 01:49:41PM +0100, Takashi Iwai wrote: > > snprintf() is a hard-to-use function, it's especially difficult to use > > it for concatenating substrings in a buffer with a limited size. > > Since snprintf() returns the would-be-output size, not the actual > > size, the subsequent use of snprintf() may go beyond the given limit > > easily. Although the current code doesn't actually overflow the > > buffer, it's an incorrect usage. > > > > This patch replaces such snprintf() calls with a safer version, > > scnprintf(). > > > > Also this fixes the incorrect argument of the buffer limit size passed > > to snprintf(), too. The size has to be decremented for the remaining > > length. > > > > Signed-off-by: Takashi Iwai <tiwai@xxxxxxx> > > Reviewed-by: Brian Masney <masneyb@xxxxxxxxxxxxx> Applied. Thanks for sorting this out. Jonathan
