On Thu, Sep 26, 2002 at 02:33:50AM +0200, Andi Kleen wrote: > David Brownell writes: > > > > + /* stuff we want to pass to /sbin/hotplug */ > > > + envp[i++] = scratch; > > > + scratch += sprintf (scratch, "PCI_CLASS=%04X", pdev->class) + 1; > > > + > > > + envp[i++] = scratch; > > > + scratch += sprintf (scratch, "PCI_ID=%04X:%04X", > > > + pdev->vendor, pdev->device) + 1; > > > > And so forth. Use "snprintf" and prevent overrunning those buffers... > > Hmm? An %04X format is perfectly bounded. Technically, it isn't bounded. The field will expand if the value exceeds 4 digits. However, these values can't do that. At least not now. But, as a good programming practice, snprintf should be used. Heck, PCI 3.0 might use 32-bit vendor and device values, instead of 8 bit. So, if nothing else, do it as insurance for the future. Matt -- Matthew Dharm Home: mdharm-usb@one-eyed-alien.net Maintainer, Linux USB Mass Storage Driver It was a new hope. -- Dust Puppy User Friendly, 12/25/1998