Since snprintf() returns the would-be-output size instead of the actual output size, the succeeding calls may go beyond the given buffer limit. Fix it by replacing with scnprintf(). Cc: Kashyap Desai <kashyap.desai@xxxxxxxxxxxx> Cc: Sumit Saxena <sumit.saxena@xxxxxxxxxxxx> Cc: Shivasharan S <shivasharan.srikanteshwara@xxxxxxxxxxxx> Signed-off-by: Takashi Iwai <tiwai@xxxxxxx> --- drivers/scsi/megaraid/megaraid_sas_base.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/drivers/scsi/megaraid/megaraid_sas_base.c b/drivers/scsi/megaraid/megaraid_sas_base.c index 5bebdd397580..c3554bb12071 100644 --- a/drivers/scsi/megaraid/megaraid_sas_base.c +++ b/drivers/scsi/megaraid/megaraid_sas_base.c @@ -2987,7 +2987,8 @@ megasas_dump_sys_regs(void __iomem *reg_set, char *buf) u32 __iomem *reg = (u32 __iomem *)reg_set; for (i = 0; i < sz / sizeof(u32); i++) { - bytes_wrote += snprintf(loc + bytes_wrote, PAGE_SIZE, + bytes_wrote += scnprintf(loc + bytes_wrote, + PAGE_SIZE - bytes_wrote, "%08x: %08x\n", (i * 4), readl(®[i])); } -- 2.16.4