On 2/7/22 10:57 PM, Sergey Shtylyov wrote: > sprintf() (still used in the MMC core for the sysfs output) is vulnerable > to the buffer overflow. Use the new-fangled sysfs_emit() instead. > > Found by Linux Verification Center (linuxtesting.org) with the SVACE static > analysis tool. > > Signed-off-by: Sergey Shtylyov <s.shtylyov@xxxxxx> > > --- > This patch is against the 'next' branch of Ulf Hansson's 'mmc.git' repo. > > drivers/mmc/core/bus.c | 8 ++++---- > drivers/mmc/core/bus.h | 3 ++- > drivers/mmc/core/mmc.c | 16 ++++++++-------- > drivers/mmc/core/sd.c | 22 ++++++++++------------ > drivers/mmc/core/sdio.c | 4 ++-- > drivers/mmc/core/sdio_bus.c | 6 +++--- > 6 files changed, 29 insertions(+), 30 deletions(-) [...] Mhm... I forgot to #include <linux/sysfs.h> in some files -- they build without it but better safe than sorry... :-) MBR, Sergey
