siox: fix possible buffer overflow in device_add_store

Width 20 given in format string is larger than destination buffer 'type[20]', use %19s to prevent overflowing it. Fixes: bbecb07f ("siox: new driver framework for eckelmann SIOX") Cc: stable <stable@vger.kernel.org> Reported-by: David Binderman <dcb314@hotmail.com> Signed-off-by: Gavin Schenk <g.schenk@eckelmann.de> Reviewed-by: Uwe Kleine-König <u.kleine-koenig@pengutronix.de> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

siox: fix possible buffer overflow in device_add_store
Width 20 given in format string is larger than destination buffer 'type[20]', use %19s to prevent overflowing it. Fixes: bbecb07f ("siox: new driver framework for eckelmann SIOX") Cc: stable <stable@vger.kernel.org> Reported-by: David Binderman <dcb314@hotmail.com> Signed-off-by: Gavin Schenk <g.schenk@eckelmann.de> Reviewed-by: Uwe Kleine-König <u.kleine-koenig@pengutronix.de> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
f87deada · Gavin Schenk · Greg Kroah-Hartman · 3ba9faed · f87deada
Commit f87deada authored Feb 14, 2018 by Gavin Schenk Committed by Greg Kroah-Hartman Mar 15, 2018
Hide whitespace changes
Inline Side-by-side

Showing with 1 addition and 1 deletion

drivers/siox/siox-core.c drivers/siox/siox-core.c +1 -1

No files found.
--- a/drivers/siox/siox-core.c
+++ b/drivers/siox/siox-core.c
@@ -594,7 +594,7 @@ static ssize_t device_add_store(struct device *dev,
 	size_t inbytes = 0, outbytes = 0;
 	u8 statustype = 0;

-	ret = sscanf(buf, "%20s %zu %zu %hhu", type, &inbytes,
+	ret = sscanf(buf, "%19s %zu %zu %hhu", type, &inbytes,
 		     &outbytes, &statustype);
 	if (ret != 3 && ret != 4)
 		return -EINVAL;