Re: [RESEND PATCH] leds: mlxreg: Fix possible buffer overflow

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed 2019-10-16 10:24:30, Oleh Kravchenko wrote:
> Error was detected by PVS-Studio:
> V512 A call of the 'sprintf' function will lead to overflow of
> the buffer 'led_data->led_cdev_name'.
> 
> Acked-by: Jacek Anaszewski <jacek.anaszewski@xxxxxxxxx>
> Acked-by: Pavel Machek <pavel@xxxxxx>
> Signed-off-by: Oleh Kravchenko <oleg@xxxxxxxxxx>

Thanks for resend, and sorry for the delay.

Note that this would only be security issue if someone did malicious
device tree... so... not a security issue :-).

Applied.

								Pavel

> index cabe379071a7..82aea1cd0c12 100644
> --- a/drivers/leds/leds-mlxreg.c
> +++ b/drivers/leds/leds-mlxreg.c
> @@ -228,8 +228,8 @@ static int mlxreg_led_config(struct mlxreg_led_priv_data *priv)
>  			brightness = LED_OFF;
>  			led_data->base_color = MLXREG_LED_GREEN_SOLID;
>  		}
> -		sprintf(led_data->led_cdev_name, "%s:%s", "mlxreg",
> -			data->label);
> +		snprintf(led_data->led_cdev_name, sizeof(led_data->led_cdev_name),
> +			 "mlxreg:%s", data->label);
>  		led_cdev->name = led_data->led_cdev_name;
>  		led_cdev->brightness = brightness;
>  		led_cdev->max_brightness = LED_ON;
> -- 
> 2.21.0

-- 
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html

Attachment: signature.asc
Description: PGP signature


[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux