Commit 53f91dc1 authored by Changli Gao's avatar Changli Gao Committed by David S. Miller

net: use scnprintf() to avoid potential buffer overflow

strlcpy() returns the total length of the string they tried to create, so
we should not use its return value without any check. scnprintf() returns
the number of characters written into @buf not including the trailing '\0',
so use it instead here.
Signed-off-by: default avatarChangli Gao <xiaosuo@gmail.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 145ce502
......@@ -376,7 +376,7 @@ static size_t _format_mac_addr(char *buf, int buflen,
cp += scnprintf(cp, buflen - (cp - buf), "%02x", addr[i]);
if (i == len - 1)
break;
cp += strlcpy(cp, ":", buflen - (cp - buf));
cp += scnprintf(cp, buflen - (cp - buf), ":");
}
return cp - buf;
}
......@@ -386,7 +386,7 @@ ssize_t sysfs_format_mac(char *buf, const unsigned char *addr, int len)
size_t l;
l = _format_mac_addr(buf, PAGE_SIZE, addr, len);
l += strlcpy(buf + l, "\n", PAGE_SIZE - l);
l += scnprintf(buf + l, PAGE_SIZE - l, "\n");
return ((ssize_t) l);
}
EXPORT_SYMBOL(sysfs_format_mac);
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment