summaryrefslogtreecommitdiff
path: root/drivers/ssb
diff options
context:
space:
mode:
authorTakashi Iwai <tiwai@suse.de>2020-03-11 12:17:39 +0300
committerKalle Valo <kvalo@codeaurora.org>2020-03-12 16:44:12 +0300
commitca44e47a2b8611178d38d4ed9532f793cf4244a8 (patch)
tree0dd00994e407afa11c35bd4c7eb12e1255970c21 /drivers/ssb
parent1da740e08a2d48012803a381108e0e8062cbd683 (diff)
downloadlinux-ca44e47a2b8611178d38d4ed9532f793cf4244a8.tar.xz
ssb: Use scnprintf() for avoiding potential buffer overflow
Since snprintf() returns the would-be-output size instead of the actual output size, the succeeding calls may go beyond the given buffer limit. Fix it by replacing with scnprintf(). Signed-off-by: Takashi Iwai <tiwai@suse.de> Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Diffstat (limited to 'drivers/ssb')
-rw-r--r--drivers/ssb/sprom.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/drivers/ssb/sprom.c b/drivers/ssb/sprom.c
index 4f028a80d6c4..52d2e0f33be7 100644
--- a/drivers/ssb/sprom.c
+++ b/drivers/ssb/sprom.c
@@ -26,9 +26,9 @@ static int sprom2hex(const u16 *sprom, char *buf, size_t buf_len,
int i, pos = 0;
for (i = 0; i < sprom_size_words; i++)
- pos += snprintf(buf + pos, buf_len - pos - 1,
+ pos += scnprintf(buf + pos, buf_len - pos - 1,
"%04X", swab16(sprom[i]) & 0xFFFF);
- pos += snprintf(buf + pos, buf_len - pos - 1, "\n");
+ pos += scnprintf(buf + pos, buf_len - pos - 1, "\n");
return pos + 1;
}