Commit d3f8c708 authored by Takashi Iwai's avatar Takashi Iwai Committed by Kalle Valo

b43legacy: Use scnprintf() for avoiding potential buffer overflow

Since snprintf() returns the would-be-output size instead of the
actual output size, the succeeding calls may go beyond the given
buffer limit.  Fix it by replacing with scnprintf().

Cc: Larry Finger <Larry.Finger@lwfinger.net>
Cc: b43-dev@lists.infradead.org
Signed-off-by: default avatarTakashi Iwai <tiwai@suse.de>
Signed-off-by: default avatarKalle Valo <kvalo@codeaurora.org>
parent 68b02e0c
...@@ -54,7 +54,7 @@ struct b43legacy_dfs_file * fops_to_dfs_file(struct b43legacy_wldev *dev, ...@@ -54,7 +54,7 @@ struct b43legacy_dfs_file * fops_to_dfs_file(struct b43legacy_wldev *dev,
#define fappend(fmt, x...) \ #define fappend(fmt, x...) \
do { \ do { \
if (bufsize - count) \ if (bufsize - count) \
count += snprintf(buf + count, \ count += scnprintf(buf + count, \
bufsize - count, \ bufsize - count, \
fmt , ##x); \ fmt , ##x); \
else \ else \
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment