Commit 54b90943 authored by Dan Carpenter's avatar Dan Carpenter Committed by Alexandre Belloni

rtc: fix snprintf() checking in is_rtc_hctosys()

The scnprintf() function silently truncates the printf() and returns
the number bytes that it was able to copy (not counting the NUL
terminator).  Thus, the highest value it can return here is
"NAME_SIZE - 1" and the overflow check is dead code.  Fix this by
using the snprintf() function which returns the number of bytes that
would have been copied if there was enough space and changing the
condition from "> NAME_SIZE" to ">= NAME_SIZE".

Fixes: 92589c98 ("rtc-proc: permit the /proc/driver/rtc device to use other devices")
Signed-off-by: default avatarDan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: default avatarAlexandre Belloni <alexandre.belloni@bootlin.com>
Link: https://lore.kernel.org/r/YJov/pcGmhLi2pEl@mwanda
parent 8df65d4a
...@@ -23,8 +23,8 @@ static bool is_rtc_hctosys(struct rtc_device *rtc) ...@@ -23,8 +23,8 @@ static bool is_rtc_hctosys(struct rtc_device *rtc)
int size; int size;
char name[NAME_SIZE]; char name[NAME_SIZE];
size = scnprintf(name, NAME_SIZE, "rtc%d", rtc->id); size = snprintf(name, NAME_SIZE, "rtc%d", rtc->id);
if (size > NAME_SIZE) if (size >= NAME_SIZE)
return false; return false;
return !strncmp(name, CONFIG_RTC_HCTOSYS_DEVICE, NAME_SIZE); return !strncmp(name, CONFIG_RTC_HCTOSYS_DEVICE, NAME_SIZE);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment