Use snprintf() to avoid the potential buffer overflow. Although in the
current code this is hardly possible, the safety is unclean.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Signed-off-by: Peter Kosyh <pkosyh@xxxxxxxxx>
---
drivers/net/ethernet/mellanox/mlx4/main.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/drivers/net/ethernet/mellanox/mlx4/main.c b/drivers/net/ethernet/mellanox/mlx4/main.c
index d3fc86cd3c1d..0616d352451b 100644
--- a/drivers/net/ethernet/mellanox/mlx4/main.c
+++ b/drivers/net/ethernet/mellanox/mlx4/main.c
@@ -3057,7 +3057,8 @@ static int mlx4_init_port_info(struct mlx4_dev *dev, int port)
info->base_qpn = mlx4_get_base_qpn(dev, port);
}
- sprintf(info->dev_name, "mlx4_port%d", port);
+ snprintf(info->dev_name, sizeof(info->dev_name),
+ "mlx4_port%d", port);
info->port_attr.attr.name = info->dev_name;
if (mlx4_is_mfunc(dev)) {
info->port_attr.attr.mode = 0444;
@@ -3077,7 +3078,8 @@ static int mlx4_init_port_info(struct mlx4_dev *dev, int port)
return err;
}
- sprintf(info->dev_mtu_name, "mlx4_port%d_mtu", port);
+ snprintf(info->dev_mtu_name, sizeof(info->dev_mtu_name),
+ "mlx4_port%d_mtu", port);
info->port_mtu_attr.attr.name = info->dev_mtu_name;
if (mlx4_is_mfunc(dev)) {
info->port_mtu_attr.attr.mode = 0444;
--
2.38.1
