linux-mmc.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH] mmc: vub300: Use scnprintf() for avoiding potential buffer overflow
@ 2020-03-11  8:04 Takashi Iwai
  2020-03-12 13:08 ` Ulf Hansson
  0 siblings, 1 reply; 2+ messages in thread
From: Takashi Iwai @ 2020-03-11  8:04 UTC (permalink / raw)
  To: Ulf Hansson; +Cc: linux-mmc

Since snprintf() returns the would-be-output size instead of the
actual output size, the succeeding calls may go beyond the given
buffer limit.  Fix it by replacing with scnprintf().

Signed-off-by: Takashi Iwai <tiwai@suse.de>
---
 drivers/mmc/host/vub300.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/mmc/host/vub300.c b/drivers/mmc/host/vub300.c
index 6ced1b7f642f..4008871bc2ec 100644
--- a/drivers/mmc/host/vub300.c
+++ b/drivers/mmc/host/vub300.c
@@ -1363,7 +1363,7 @@ static void download_offload_pseudocode(struct vub300_mmc_host *vub300)
 	int retval;
 	for (n = 0; n < sdio_funcs; n++) {
 		struct sdio_func *sf = card->sdio_func[n];
-		l += snprintf(vub300->vub_name + l,
+		l += scnprintf(vub300->vub_name + l,
 			      sizeof(vub300->vub_name) - l, "_%04X%04X",
 			      sf->vendor, sf->device);
 	}
-- 
2.16.4


^ permalink raw reply related	[flat|nested] 2+ messages in thread
* Re: [PATCH] mmc: vub300: Use scnprintf() for avoiding potential buffer overflow
  2020-03-11  8:04 [PATCH] mmc: vub300: Use scnprintf() for avoiding potential buffer overflow Takashi Iwai
@ 2020-03-12 13:08 ` Ulf Hansson
  0 siblings, 0 replies; 2+ messages in thread
From: Ulf Hansson @ 2020-03-12 13:08 UTC (permalink / raw)
  To: Takashi Iwai; +Cc: linux-mmc

On Wed, 11 Mar 2020 at 09:04, Takashi Iwai <tiwai@suse.de> wrote:
>
> Since snprintf() returns the would-be-output size instead of the
> actual output size, the succeeding calls may go beyond the given
> buffer limit.  Fix it by replacing with scnprintf().
>
> Signed-off-by: Takashi Iwai <tiwai@suse.de>

Applied for next, thanks!

Kind regards
Uffe


> ---
>  drivers/mmc/host/vub300.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/mmc/host/vub300.c b/drivers/mmc/host/vub300.c
> index 6ced1b7f642f..4008871bc2ec 100644
> --- a/drivers/mmc/host/vub300.c
> +++ b/drivers/mmc/host/vub300.c
> @@ -1363,7 +1363,7 @@ static void download_offload_pseudocode(struct vub300_mmc_host *vub300)
>         int retval;
>         for (n = 0; n < sdio_funcs; n++) {
>                 struct sdio_func *sf = card->sdio_func[n];
> -               l += snprintf(vub300->vub_name + l,
> +               l += scnprintf(vub300->vub_name + l,
>                               sizeof(vub300->vub_name) - l, "_%04X%04X",
>                               sf->vendor, sf->device);
>         }
> --
> 2.16.4
>

^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2020-03-12 13:09 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-03-11  8:04 [PATCH] mmc: vub300: Use scnprintf() for avoiding potential buffer overflow Takashi Iwai
2020-03-12 13:08 ` Ulf Hansson

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).