Hello! On 1/31/22 7:14 PM, Ulf Hansson wrote: >> sprintf() (still used in #define sdio_info_attr()) is vulnerable to the >> buffer overflow. Use the new-fangled sysfs_emit() instead. >> >> While at it, add spaces around the minus sign... >> >> Found by Linux Verification Center (linuxtesting.org) with the SVACE static >> analysis tool. >> >> Signed-off-by: Sergey Shtylyov <s.shtylyov@xxxxxx> > > Thanks for fixing this! > > However, rather than applying these piece by piece, would you mind > squashing these "sysfs_emit" fixes into one patch for the mmc core? It > would be easier for me to handle - and it should still be an easy > backport, I think. OK, just posted! Note that in some place I had to reindent the entire function (indented with spaces) because checkpatch.pl was bitching... > Kind regards > Uffe [...] MBR, Sergey
