Dan Carpenter <dan.carpenter@xxxxxxxxxx> wrote:
> It looks like we wanted to print a maximum of BSSList_rid.ssidLen bytes
> of the ssid, but we accidentally use "%*s" (width) instead of "%.*s"
> (precision) so if the ssid doesn't have a NUL terminator this could lead
> to an overflow.
>
> Static analysis. Not tested.
>
> Fixes: e174961ca1a0 ("net: convert print_mac to %pM")
> Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
Patch applied to wireless-drivers-next.git, thanks.
3d39e1bb1c88 wireless: airo: potential buffer overflow in sprintf()
--
https://patchwork.kernel.org/patch/10654389/
https://wireless.wiki.kernel.org/en/developers/documentation/submittingpatches
