On Wed 2019-10-16 10:24:30, Oleh Kravchenko wrote:
> Error was detected by PVS-Studio:
> V512 A call of the 'sprintf' function will lead to overflow of
> the buffer 'led_data->led_cdev_name'.
> 
> Acked-by: Jacek Anaszewski <jacek.anaszewski@gmail.com>
> Acked-by: Pavel Machek <pavel@ucw.cz>
> Signed-off-by: Oleh Kravchenko <oleg@kaa.org.ua>

Thanks for resend, and sorry for the delay.

Note that this would only be security issue if someone did malicious
device tree... so... not a security issue :-).

Applied.

								Pavel

> index cabe379071a7..82aea1cd0c12 100644
> --- a/drivers/leds/leds-mlxreg.c
> +++ b/drivers/leds/leds-mlxreg.c
> @@ -228,8 +228,8 @@ static int mlxreg_led_config(struct mlxreg_led_priv_data *priv)
>  			brightness = LED_OFF;
>  			led_data->base_color = MLXREG_LED_GREEN_SOLID;
>  		}
> -		sprintf(led_data->led_cdev_name, "%s:%s", "mlxreg",
> -			data->label);
> +		snprintf(led_data->led_cdev_name, sizeof(led_data->led_cdev_name),
> +			 "mlxreg:%s", data->label);
>  		led_cdev->name = led_data->led_cdev_name;
>  		led_cdev->brightness = brightness;
>  		led_cdev->max_brightness = LED_ON;
> -- 
> 2.21.0

-- 
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html