ALSA: cmipci: Copy string more safely · tjh.dev/kernel@f15be4d

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

ALSA: cmipci: Copy string more safely

The probe code uses sprintf() and strcat() without caring about the
string buffer size. Replace with safer code.

Only a cosmetic safety matter, no functional changes intended.

Signed-off-by: Takashi Iwai <tiwai@suse.de>
Link: https://patch.msgid.link/20250710100727.22653-102-tiwai@suse.de

Takashi Iwai 8 months ago f15be4dc 92635958

+6 -5

1 changed file

expand all

sound

pci

cmipci.c

+6 -5

sound/pci/cmipci.c

··· 3008 3008 pci->device != PCI_DEVICE_ID_CMEDIA_CM8338B) 3009 3009 query_chip(cm); 3010 3010 /* added -MCx suffix for chip supporting multi-channels */ 3011 - if (cm->can_multi_ch) 3012 - sprintf(cm->card->driver + strlen(cm->card->driver), 3013 - "-MC%d", cm->max_channels); 3014 - else if (cm->can_ac3_sw) 3015 - strcpy(cm->card->driver + strlen(cm->card->driver), "-SWIEC"); 3011 + if (cm->can_multi_ch) { 3012 + int l = strlen(cm->card->driver); 3013 + scnprintf(cm->card->driver + l, sizeof(cm->card->driver) - l, 3014 + "-MC%d", cm->max_channels); 3015 + } else if (cm->can_ac3_sw) 3016 + strlcat(cm->card->driver, "-SWIEC", sizeof(cm->card->driver)); 3016 3017 3017 3018 cm->dig_status = SNDRV_PCM_DEFAULT_CON_SPDIF; 3018 3019 cm->dig_pcm_status = SNDRV_PCM_DEFAULT_CON_SPDIF;