diff options
author | Takashi Iwai <tiwai@suse.de> | 2020-03-11 12:28:07 +0300 |
---|---|---|
committer | Mika Westerberg <mika.westerberg@linux.intel.com> | 2020-03-12 11:27:41 +0300 |
commit | 3010518964dc96c41848a05a5b0ec11ccf8d5ebe (patch) | |
tree | 35cc9c853d4f22b35143af55f494fd61c3086002 /drivers/thunderbolt | |
parent | 3084ea9ea88906576d0bfc0d66cb1735045266c8 (diff) | |
download | linux-3010518964dc96c41848a05a5b0ec11ccf8d5ebe.tar.xz |
thunderbolt: Use scnprintf() for avoiding potential buffer overflow
Since snprintf() returns the would-be-output size instead of the
actual output size, the succeeding calls may go beyond the given
buffer limit. Fix it by replacing with scnprintf().
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Signed-off-by: Mika Westerberg <mika.westerberg@linux.intel.com>
Diffstat (limited to 'drivers/thunderbolt')
-rw-r--r-- | drivers/thunderbolt/domain.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/drivers/thunderbolt/domain.c b/drivers/thunderbolt/domain.c index b7980c856898..68c1b93ac5d9 100644 --- a/drivers/thunderbolt/domain.c +++ b/drivers/thunderbolt/domain.c @@ -147,10 +147,10 @@ static ssize_t boot_acl_show(struct device *dev, struct device_attribute *attr, for (ret = 0, i = 0; i < tb->nboot_acl; i++) { if (!uuid_is_null(&uuids[i])) - ret += snprintf(buf + ret, PAGE_SIZE - ret, "%pUb", + ret += scnprintf(buf + ret, PAGE_SIZE - ret, "%pUb", &uuids[i]); - ret += snprintf(buf + ret, PAGE_SIZE - ret, "%s", + ret += scnprintf(buf + ret, PAGE_SIZE - ret, "%s", i < tb->nboot_acl - 1 ? "," : "\n"); } |