b43legacy: Use scnprintf() for avoiding potential buffer overflow

Since snprintf() returns the would-be-output size instead of the actual output size, the succeeding calls may go beyond the given buffer limit. Fix it by replacing with scnprintf(). Cc: Larry Finger <Larry.Finger@lwfinger.net> Cc: b43-dev@lists.infradead.org Signed-off-by: Takashi Iwai <tiwai@suse.de> Signed-off-by: Kalle Valo <kvalo@codeaurora.org>

b43legacy: Use scnprintf() for avoiding potential buffer overflow
Since snprintf() returns the would-be-output size instead of the actual output size, the succeeding calls may go beyond the given buffer limit. Fix it by replacing with scnprintf(). Cc: Larry Finger <Larry.Finger@lwfinger.net> Cc: b43-dev@lists.infradead.org Signed-off-by: Takashi Iwai <tiwai@suse.de> Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
d3f8c708 · Takashi Iwai · Kalle Valo · 68b02e0c · d3f8c708
Commit d3f8c708 authored Mar 11, 2020 by Takashi Iwai Committed by Kalle Valo Mar 12, 2020
Hide whitespace changes
Inline Side-by-side

Showing with 1 addition and 1 deletion

drivers/net/wireless/broadcom/b43legacy/debugfs.c drivers/net/wireless/broadcom/b43legacy/debugfs.c +1 -1

No files found.
--- a/drivers/net/wireless/broadcom/b43legacy/debugfs.c
+++ b/drivers/net/wireless/broadcom/b43legacy/debugfs.c
@@ -54,7 +54,7 @@ struct b43legacy_dfs_file * fops_to_dfs_file(struct b43legacy_wldev *dev,
 #define fappend(fmt, x...)	\
 	do {							\
 		if (bufsize - count)				\
-			count += snprintf(buf + count,		\
+			count += scnprintf(buf + count,		\
 					  bufsize - count,	\
 					  fmt , ##x);		\
 		else						\