From: Sergey Shtylyov <s.shtylyov@omp.ru>
To: Ulf Hansson <ulf.hansson@linaro.org>, <linux-mmc@vger.kernel.org>
Subject: [PATCH v2] mmc: core: use sysfs_emit() in #define sdio_info_attr()
Date: Fri, 28 Jan 2022 00:01:53 +0300 [thread overview]
Message-ID: <b0d9cdda-33f3-1eb0-a76e-26125089e5c5@omp.ru> (raw)
sprintf() (still used in #define sdio_info_attr()) is vulnerable to the
buffer overflow. Use the new-fangled sysfs_emit() instead.
While at it, add spaces around the minus sign...
Found by Linux Verification Center (linuxtesting.org) with the SVACE static
analysis tool.
Signed-off-by: Sergey Shtylyov <s.shtylyov@omp.ru>
---
This patch is against the 'next' branch of Ulf Hansson's 'mmc.git' repo.
Changes in version 2:
- added the same macro change in drivers/mmc/corfe/sdio[_bus].c;
- updated the patch subject.
drivers/mmc/core/sd.c | 4 ++--
drivers/mmc/core/sdio.c | 4 ++--
drivers/mmc/core/sdio_bus.c | 4 ++--
3 files changed, 6 insertions(+), 6 deletions(-)
Index: mmc/drivers/mmc/core/sd.c
===================================================================
--- mmc.orig/drivers/mmc/core/sd.c
+++ mmc/drivers/mmc/core/sd.c
@@ -735,9 +735,9 @@ static ssize_t info##num##_show(struct d
\
if (num > card->num_info) \
return -ENODATA; \
- if (!card->info[num-1][0]) \
+ if (!card->info[num - 1][0]) \
return 0; \
- return sprintf(buf, "%s\n", card->info[num-1]); \
+ return sysfs_emit(buf, "%s\n", card->info[num - 1]); \
} \
static DEVICE_ATTR_RO(info##num)
Index: mmc/drivers/mmc/core/sdio.c
===================================================================
--- mmc.orig/drivers/mmc/core/sdio.c
+++ mmc/drivers/mmc/core/sdio.c
@@ -40,9 +40,9 @@ static ssize_t info##num##_show(struct d
\
if (num > card->num_info) \
return -ENODATA; \
- if (!card->info[num-1][0]) \
+ if (!card->info[num - 1][0]) \
return 0; \
- return sprintf(buf, "%s\n", card->info[num-1]); \
+ return sysfs_emit(buf, "%s\n", card->info[num - 1]); \
} \
static DEVICE_ATTR_RO(info##num)
Index: mmc/drivers/mmc/core/sdio_bus.c
===================================================================
--- mmc.orig/drivers/mmc/core/sdio_bus.c
+++ mmc/drivers/mmc/core/sdio_bus.c
@@ -52,9 +52,9 @@ static ssize_t info##num##_show(struct d
\
if (num > func->num_info) \
return -ENODATA; \
- if (!func->info[num-1][0]) \
+ if (!func->info[num - 1][0]) \
return 0; \
- return sprintf(buf, "%s\n", func->info[num-1]); \
+ return sysfs_emit(buf, "%s\n", func->info[num - 1]); \
} \
static DEVICE_ATTR_RO(info##num)
next reply other threads:[~2022-01-27 21:02 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-01-27 21:01 Sergey Shtylyov [this message]
2022-01-31 16:14 ` [PATCH v2] mmc: core: use sysfs_emit() in #define sdio_info_attr() Ulf Hansson
2022-02-07 20:08 ` Sergey Shtylyov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=b0d9cdda-33f3-1eb0-a76e-26125089e5c5@omp.ru \
--to=s.shtylyov@omp.ru \
--cc=linux-mmc@vger.kernel.org \
--cc=ulf.hansson@linaro.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.