public inbox for linux-acpi@vger.kernel.org
 help / color / mirror / Atom feed
* [PATCH] tools/power/acpi: Replace unsafe strcat with strncat in apfiles.c
@ 2026-02-01 18:18 Sumeet Pawnikar
  0 siblings, 0 replies; only message in thread
From: Sumeet Pawnikar @ 2026-02-01 18:18 UTC (permalink / raw)
  To: rafael, robert.moore, lenb, linux-acpi, acpica-devel
  Cc: linux-kernel, sumeet4linux

Replace unsafe strcat() calls with strncat() in apfiles.c to prevent
potential buffer overflow vulnerabilities when constructing filenames.
The strncat() function performs bounds checking to ensure the
destination buffer is not overflowed.

No functional change.

Signed-off-by: Sumeet Pawnikar <sumeet4linux@gmail.com>
---
 tools/power/acpi/tools/acpidump/apfiles.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/tools/power/acpi/tools/acpidump/apfiles.c b/tools/power/acpi/tools/acpidump/apfiles.c
index d6b8a201480b..c7b71579aae6 100644
--- a/tools/power/acpi/tools/acpidump/apfiles.c
+++ b/tools/power/acpi/tools/acpidump/apfiles.c
@@ -131,10 +131,12 @@ int ap_write_to_binary_file(struct acpi_table_header *table, u32 instance)
 
 	if (instance > 0) {
 		snprintf(instance_str, sizeof(instance_str), "%u", instance);
-		strcat(filename, instance_str);
+		strncat(filename, instance_str,
+			sizeof(filename) - strlen(filename) - 1);
 	}
 
-	strcat(filename, FILE_SUFFIX_BINARY_TABLE);
+	strncat(filename, FILE_SUFFIX_BINARY_TABLE,
+		sizeof(filename) - strlen(filename) - 1);
 
 	if (gbl_verbose_mode) {
 		fprintf(stderr,
-- 
2.43.0


^ permalink raw reply related	[flat|nested] only message in thread
only message in thread, other threads:[~2026-02-01 18:19 UTC | newest]

Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-02-01 18:18 [PATCH] tools/power/acpi: Replace unsafe strcat with strncat in apfiles.c Sumeet Pawnikar

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox