edd: Use scnprintf() for avoiding potential buffer overflow
Since snprintf() returns the would-be-output size instead of the actual output size, the succeeding calls may go beyond the given buffer limit. Fix it by replacing with scnprintf(). Link: https://lore.kernel.org/r/20200320084429.1803-1-tiwai@suse.de Signed-off-by: Takashi Iwai <tiwai@suse.de>
This commit is contained in:
parent
ca707b3f00
commit
dbdd24eaac
|
@ -341,7 +341,7 @@ edd_show_legacy_max_cylinder(struct edd_device *edev, char *buf)
|
|||
if (!info || !buf)
|
||||
return -EINVAL;
|
||||
|
||||
p += snprintf(p, left, "%u\n", info->legacy_max_cylinder);
|
||||
p += scnprintf(p, left, "%u\n", info->legacy_max_cylinder);
|
||||
return (p - buf);
|
||||
}
|
||||
|
||||
|
@ -356,7 +356,7 @@ edd_show_legacy_max_head(struct edd_device *edev, char *buf)
|
|||
if (!info || !buf)
|
||||
return -EINVAL;
|
||||
|
||||
p += snprintf(p, left, "%u\n", info->legacy_max_head);
|
||||
p += scnprintf(p, left, "%u\n", info->legacy_max_head);
|
||||
return (p - buf);
|
||||
}
|
||||
|
||||
|
@ -371,7 +371,7 @@ edd_show_legacy_sectors_per_track(struct edd_device *edev, char *buf)
|
|||
if (!info || !buf)
|
||||
return -EINVAL;
|
||||
|
||||
p += snprintf(p, left, "%u\n", info->legacy_sectors_per_track);
|
||||
p += scnprintf(p, left, "%u\n", info->legacy_sectors_per_track);
|
||||
return (p - buf);
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue