Re: [PATCH v2 2/2] iio: tsl2772: Use scnprintf() for avoiding potential buffer overflow


 



On Mon, 16 Mar 2020 12:20:26 -0400
Brian Masney <masneyb@xxxxxxxxxxxxx> wrote:

> On Mon, Mar 16, 2020 at 01:49:41PM +0100, Takashi Iwai wrote:
> > snprintf() is a hard-to-use function, it's especially difficult to use
> > it for concatenating substrings in a buffer with a limited size.
> > Since snprintf() returns the would-be-output size, not the actual
> > size, the subsequent use of snprintf() may go beyond the given limit
> > easily.  Although the current code doesn't actually overflow the
> > buffer, it's an incorrect usage.
> > 
> > This patch replaces such snprintf() calls with a safer version,
> > scnprintf().
> > 
> > Also this fixes the incorrect argument of the buffer limit size passed
> > to snprintf(), too.  The size has to be decremented for the remaining
> > length.
> > 
> > Signed-off-by: Takashi Iwai <tiwai@xxxxxxx>  
> 
> Reviewed-by: Brian Masney <masneyb@xxxxxxxxxxxxx>
Applied.  Thanks for sorting this out.

Jonathan
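
The return-value difference the commit message describes, as an added userspace example that is not part of this thread or of the tsl2772 patch. `scn()` is a hypothetical stand-in written here for the kernel's scnprintf(), and the buffer size and values are constructed.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Userspace stand-in for scnprintf() (assumption, not the kernel source):
 * returns the characters actually stored, excluding the NUL. */
static int scn(char *buf, size_t size, const char *fmt, ...)
{
    va_list ap;
    int n;
    va_start(ap, fmt);
    n = vsnprintf(buf, size, fmt, ap);
    va_end(ap);
    if (n < 0 || size == 0)
        return 0;
    return (size_t)n >= size ? (int)(size - 1) : n;
}

/* Offset as the snprintf() idiom tracks it: each call adds the would-be
 * length. The off < size guard exists only so this demo stays in bounds. */
size_t offset_snprintf(char *buf, size_t size, const int *v, size_t n)
{
    size_t off = 0;
    for (size_t i = 0; i < n; i++) {
        if (off < size)
            off += (size_t)snprintf(buf + off, size - off, "%d,", v[i]);
        else
            off += (size_t)snprintf(NULL, 0, "%d,", v[i]);
    }
    return off;
}

/* Same loop with the scnprintf() stand-in: off can never pass size - 1. */
size_t offset_scnprintf(char *buf, size_t size, const int *v, size_t n)
{
    size_t off = 0;
    for (size_t i = 0; i < n; i++)
        off += (size_t)scn(buf + off, size - off, "%d,", v[i]);
    return off;
}

int main(void)
{
    const int v[] = { 100, 200, 300, 400 };  /* constructed sample values */
    char a[8], b[8];
    printf("snprintf idiom offset: %zu of 8\n", offset_snprintf(a, sizeof(a), v, 4));
    printf("scnprintf offset: %zu of 8, buf \"%s\" (len %zu)\n",
           offset_scnprintf(b, sizeof(b), v, 4), b, strlen(b));
    return 0;
}
```

Both buffers hold the same truncated text; only the tracked offset differs, and it is that offset which feeds the next `buf + off` and `size - off`.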



