From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932255AbdGNMOE (ORCPT ); Fri, 14 Jul 2017 08:14:04 -0400 Received: from mout.kundenserver.de ([217.72.192.74]:65230 "EHLO mout.kundenserver.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1754032AbdGNMOB (ORCPT ); Fri, 14 Jul 2017 08:14:01 -0400 From: Arnd Bergmann To: linux-kernel@vger.kernel.org, Thomas Gleixner , Ingo Molnar , "H. Peter Anvin" , x86@kernel.org Cc: Greg Kroah-Hartman , Linus Torvalds , Guenter Roeck , akpm@linux-foundation.org, netdev@vger.kernel.org, "David S . Miller" , "James E . J . Bottomley" , "Martin K . Petersen" , linux-scsi@vger.kernel.org, Arnd Bergmann Subject: [PATCH 16/22] x86: intel-mid: fix a format string overflow warning Date: Fri, 14 Jul 2017 14:07:08 +0200 Message-Id: <20170714120720.906842-17-arnd@arndb.de> X-Mailer: git-send-email 2.9.0 In-Reply-To: <20170714120720.906842-1-arnd@arndb.de> References: <20170714120720.906842-1-arnd@arndb.de> X-Provags-ID: V03:K0:Ow1QTKqvzL+U8vQvwpq/O+ZVhkYePadVLmv35X6ldPEIJGkWJw+ e4NWBESfjhU7/YL7G+id8DL+fueIX2Ao/RXfmj/M6z1rsnf9kHeXtOjU6Meyz+j+/BKgztP jErPfxz4yrkLIGw660UHk0LepVXfFllG1f/0xxmH2C5wF+zhJufecUfPg6Tkx9zOhke0q1+ 6bxAAJZCucCr1xx3krsZA== X-UI-Out-Filterresults: notjunk:1;V01:K0:cYGNl6m4YRk=:ANrBhW77eJEB8S9PH0KBHQ xvspo2ewqCFp9auENxkzvGfIZbNclDFi++PLNYcDHfutTHvILDHsGBtzzo/mE7xsqMyUe1Gdx Dl2cukNudcNwf0UT+YERUxYuVr52okgAYJBKjS37/qNsheD6EnSaeuqQ2hDo9WoBHvEZ6fTkI F68JbkhcO6pJaRY/9vA5GvGIz7SndMwYBKv4Fr26tu+vlXxQ9heAR4ZnKjPX002c0NI0zOdym xu9mfb9XMcPiPDn4b/aNykKJVAADclVls7XFNYXU/eDB4TjJIDS0fqXiFwTLboRCsKK1ZGXMc Ju6wt+Hrg3W9H4gj4qy2u1ss8CAohI6Vg3r2V7imbKuSGSmcWp0RnW3nn+SeKJf+wNKNVRTWr zbF2jM6/d55huS+/qG63E09RAfHtW+IRFQEaCP6j3+uFrENelBHv7ceAJApHs4D/5+C7s5p7Z +s7cLItcdje9dK7glkzUiTGwUbbRbj+grXlCds3nyLxqnX1B6CcqEGS8jwIYU5vEsLpKoCOJd g1eckZDfN86lFoRxpQLqLhLm6PGoHKw778KS0rg5djR86enL58j7dJI06OYU3MGUneSFbnR9Y BfNIle9uXtMJSfmUoIFPj9lpjghoZMwvng93Pp+ofKGm86EJb3zxBgCOAqhh21ueWu+EUuqft 9awSSIwvwYVun5kYr6ffNNiA0kmTbF/zBjFUXYvH4ywkanBuNnHLERjRJGtwguyLfVOmZ+eZ3 NAPVxJ2u+p6Ypov8B6HMZUKNZDtHFeRPMuN8lg== Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org We have space for exactly one character for the index in "max7315_%d_base", but as gcc points out having more would cause an string overflow: arch/x86/platform/intel-mid/device_libs/platform_max7315.c: In function 'max7315_platform_data': arch/x86/platform/intel-mid/device_libs/platform_max7315.c:41:26: error: '%d' directive writing between 1 and 11 bytes into a region of size 9 [-Werror=format-overflow=] sprintf(base_pin_name, "max7315_%d_base", nr); ^~~~~~~~~~~~~~~~~ arch/x86/platform/intel-mid/device_libs/platform_max7315.c:41:26: note: directive argument in the range [-2147483647, 2147483647] arm-soc/arch/x86/platform/intel-mid/device_libs/platform_max7315.c:41:3: note: 'sprintf' output between 15 and 25 bytes into a destination of size 17 sprintf(base_pin_name, "max7315_%d_base", nr); This makes it use an snprintf() to truncate the string if that happened rather than overflowing the stack. Signed-off-by: Arnd Bergmann --- arch/x86/platform/intel-mid/device_libs/platform_max7315.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/arch/x86/platform/intel-mid/device_libs/platform_max7315.c b/arch/x86/platform/intel-mid/device_libs/platform_max7315.c index 6e075afa7877..58337b2bc682 100644 --- a/arch/x86/platform/intel-mid/device_libs/platform_max7315.c +++ b/arch/x86/platform/intel-mid/device_libs/platform_max7315.c @@ -38,8 +38,10 @@ static void __init *max7315_platform_data(void *info) */ strcpy(i2c_info->type, "max7315"); if (nr++) { - sprintf(base_pin_name, "max7315_%d_base", nr); - sprintf(intr_pin_name, "max7315_%d_int", nr); + snprintf(base_pin_name, sizeof(base_pin_name), + "max7315_%d_base", nr); + snprintf(intr_pin_name, sizeof(intr_pin_name), + "max7315_%d_int", nr); } else { strcpy(base_pin_name, "max7315_base"); strcpy(intr_pin_name, "max7315_int"); -- 2.9.0