Commit ca44e47a authored by Takashi Iwai's avatar Takashi Iwai Committed by Kalle Valo

ssb: Use scnprintf() for avoiding potential buffer overflow

Since snprintf() returns the would-be-output size instead of the
actual output size, the succeeding calls may go beyond the given
buffer limit.  Fix it by replacing with scnprintf().
Signed-off-by: default avatarTakashi Iwai <tiwai@suse.de>
Signed-off-by: default avatarKalle Valo <kvalo@codeaurora.org>
parent 1da740e0
...@@ -26,9 +26,9 @@ static int sprom2hex(const u16 *sprom, char *buf, size_t buf_len, ...@@ -26,9 +26,9 @@ static int sprom2hex(const u16 *sprom, char *buf, size_t buf_len,
int i, pos = 0; int i, pos = 0;
for (i = 0; i < sprom_size_words; i++) for (i = 0; i < sprom_size_words; i++)
pos += snprintf(buf + pos, buf_len - pos - 1, pos += scnprintf(buf + pos, buf_len - pos - 1,
"%04X", swab16(sprom[i]) & 0xFFFF); "%04X", swab16(sprom[i]) & 0xFFFF);
pos += snprintf(buf + pos, buf_len - pos - 1, "\n"); pos += scnprintf(buf + pos, buf_len - pos - 1, "\n");
return pos + 1; return pos + 1;
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment