Linux-ACPI Archive on lore.kernel.org
 help / color / Atom feed
* [PATCH] PCI/ACPI: Use scnprintf() for avoiding potential buffer overflow
@ 2020-03-11  7:09 Takashi Iwai
  2020-03-14 10:16 ` Rafael J. Wysocki
  0 siblings, 1 reply; 2+ messages in thread
From: Takashi Iwai @ 2020-03-11  7:09 UTC (permalink / raw)
  To: linux-pci; +Cc: linux-acpi, Bjorn Helgaas, Rafael J . Wysocki, Len Brown

Since snprintf() returns the would-be-output size instead of the
actual output size, the succeeding calls may go beyond the given
buffer limit.  Fix it by replacing with scnprintf().

Signed-off-by: Takashi Iwai <tiwai@suse.de>
---
 drivers/acpi/pci_root.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/acpi/pci_root.c b/drivers/acpi/pci_root.c
index d1e666ef3fcc..f92df2533e7e 100644
--- a/drivers/acpi/pci_root.c
+++ b/drivers/acpi/pci_root.c
@@ -153,7 +153,7 @@ static void decode_osc_bits(struct acpi_pci_root *root, char *msg, u32 word,
 	buf[0] = '\0';
 	for (i = 0, entry = table; i < size; i++, entry++)
 		if (word & entry->bit)
-			len += snprintf(buf + len, sizeof(buf) - len, "%s%s",
+			len += scnprintf(buf + len, sizeof(buf) - len, "%s%s",
 					len ? " " : "", entry->desc);
 
 	dev_info(&root->device->dev, "_OSC: %s [%s]\n", msg, buf);
-- 
2.16.4


^ permalink raw reply	[flat|nested] 2+ messages in thread

* Re: [PATCH] PCI/ACPI: Use scnprintf() for avoiding potential buffer overflow
  2020-03-11  7:09 [PATCH] PCI/ACPI: Use scnprintf() for avoiding potential buffer overflow Takashi Iwai
@ 2020-03-14 10:16 ` Rafael J. Wysocki
  0 siblings, 0 replies; 2+ messages in thread
From: Rafael J. Wysocki @ 2020-03-14 10:16 UTC (permalink / raw)
  To: Takashi Iwai; +Cc: linux-pci, linux-acpi, Bjorn Helgaas, Len Brown

On Wednesday, March 11, 2020 8:09:58 AM CET Takashi Iwai wrote:
> Since snprintf() returns the would-be-output size instead of the
> actual output size, the succeeding calls may go beyond the given
> buffer limit.  Fix it by replacing with scnprintf().
> 
> Signed-off-by: Takashi Iwai <tiwai@suse.de>
> ---
>  drivers/acpi/pci_root.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/drivers/acpi/pci_root.c b/drivers/acpi/pci_root.c
> index d1e666ef3fcc..f92df2533e7e 100644
> --- a/drivers/acpi/pci_root.c
> +++ b/drivers/acpi/pci_root.c
> @@ -153,7 +153,7 @@ static void decode_osc_bits(struct acpi_pci_root *root, char *msg, u32 word,
>  	buf[0] = '\0';
>  	for (i = 0, entry = table; i < size; i++, entry++)
>  		if (word & entry->bit)
> -			len += snprintf(buf + len, sizeof(buf) - len, "%s%s",
> +			len += scnprintf(buf + len, sizeof(buf) - len, "%s%s",
>  					len ? " " : "", entry->desc);
>  
>  	dev_info(&root->device->dev, "_OSC: %s [%s]\n", msg, buf);
> 

Applied as 5.7 material, thanks!





^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, back to index

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-03-11  7:09 [PATCH] PCI/ACPI: Use scnprintf() for avoiding potential buffer overflow Takashi Iwai
2020-03-14 10:16 ` Rafael J. Wysocki

Linux-ACPI Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/linux-acpi/0 linux-acpi/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-acpi linux-acpi/ https://lore.kernel.org/linux-acpi \
		linux-acpi@vger.kernel.org
	public-inbox-index linux-acpi

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-acpi


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git