dmaengine: ppc4xx: Use scnprintf() for avoiding potential buffer overflow

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Since snprintf() returns the would-be-output size instead of the
actual output size, the succeeding calls may go beyond the given
buffer limit. Fix it by replacing with scnprintf().

Signed-off-by: Takashi Iwai <tiwai@suse.de>
Link: https://lore.kernel.org/r/20200311071606.4485-1-tiwai@suse.de
Signed-off-by: Vinod Koul <vkoul@kernel.org>

authored by

Takashi Iwai and committed by

Vinod Koul 6 years ago 3a5a8a27 91124ac6

+1 -1

1 changed file

expand all

drivers

dma

ppc4xx

adma.c

+1 -1

drivers/dma/ppc4xx/adma.c

··· 4303 4303 for (i = 0; i < PPC440SPE_ADMA_ENGINES_NUM; i++) { 4304 4304 if (ppc440spe_adma_devices[i] == -1) 4305 4305 continue; 4306 - size += snprintf(buf + size, PAGE_SIZE - size, 4306 + size += scnprintf(buf + size, PAGE_SIZE - size, 4307 4307 "PPC440SP(E)-ADMA.%d: %s\n", i, 4308 4308 ppc_adma_errors[ppc440spe_adma_devices[i]]); 4309 4309 }