mmc: vub300: Use scnprintf() for avoiding potential buffer overflow

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Since snprintf() returns the would-be-output size instead of the
actual output size, the succeeding calls may go beyond the given
buffer limit. Fix it by replacing with scnprintf().

Signed-off-by: Takashi Iwai <tiwai@suse.de>
Link: https://lore.kernel.org/r/20200311080439.13928-1-tiwai@suse.de
Signed-off-by: Ulf Hansson <ulf.hansson@linaro.org>

authored by

Takashi Iwai and committed by

Ulf Hansson 6 years ago 6bbcf74d 398b2500

+1 -1

1 changed file

expand all

drivers

mmc

host

vub300.c

+1 -1

drivers/mmc/host/vub300.c

··· 1363 1363 int retval; 1364 1364 for (n = 0; n < sdio_funcs; n++) { 1365 1365 struct sdio_func *sf = card->sdio_func[n]; 1366 - l += snprintf(vub300->vub_name + l, 1366 + l += scnprintf(vub300->vub_name + l, 1367 1367 sizeof(vub300->vub_name) - l, "_%04X%04X", 1368 1368 sf->vendor, sf->device); 1369 1369 }