From: Sean Young <sean@mess.org>
To: Takashi Iwai <tiwai@suse.de>
Cc: Mauro Carvalho Chehab <mchehab@kernel.org>, linux-media@vger.kernel.org
Subject: Re: [PATCH] media: rc: Use scnprintf() for avoiding potential buffer overflow
Date: Fri, 20 Mar 2020 13:49:56 +0000 [thread overview]
Message-ID: <20200320134955.GA21882@gofer.mess.org> (raw)
In-Reply-To: <s5h8sjwuykp.wl-tiwai@suse.de>
On Thu, Mar 19, 2020 at 04:57:42PM +0100, Takashi Iwai wrote:
> On Wed, 11 Mar 2020 08:47:06 +0100,
> Takashi Iwai wrote:
> >
> > Since snprintf() returns the would-be-output size instead of the
> > actual output size, the succeeding calls may go beyond the given
> > buffer limit. Fix it by replacing with scnprintf().
> >
> > Signed-off-by: Takashi Iwai <tiwai@suse.de>
>
> A gentle reminder for this forgotten patch.
> Let me know if any further changes are needed.
Thank you for your reminder. The changes look good, unfortunately they
missed the deadline for v5.7. I handle them after the next merge window.
Thanks,
Sean
>
>
> thanks,
>
> Takashi
>
> > ---
> > drivers/media/rc/nuvoton-cir.c | 4 ++--
> > 1 file changed, 2 insertions(+), 2 deletions(-)
> >
> > diff --git a/drivers/media/rc/nuvoton-cir.c b/drivers/media/rc/nuvoton-cir.c
> > index 5c2cd8d2d155..48a69bf23236 100644
> > --- a/drivers/media/rc/nuvoton-cir.c
> > +++ b/drivers/media/rc/nuvoton-cir.c
> > @@ -230,10 +230,10 @@ static ssize_t wakeup_data_show(struct device *dev,
> > for (i = 0; i < fifo_len; i++) {
> > duration = nvt_cir_wake_reg_read(nvt, CIR_WAKE_RD_FIFO_ONLY);
> > duration = (duration & BUF_LEN_MASK) * SAMPLE_PERIOD;
> > - buf_len += snprintf(buf + buf_len, PAGE_SIZE - buf_len,
> > + buf_len += scnprintf(buf + buf_len, PAGE_SIZE - buf_len,
> > "%d ", duration);
> > }
> > - buf_len += snprintf(buf + buf_len, PAGE_SIZE - buf_len, "\n");
> > + buf_len += scnprintf(buf + buf_len, PAGE_SIZE - buf_len, "\n");
> >
> > spin_unlock_irqrestore(&nvt->lock, flags);
> >
> > --
> > 2.16.4
> >
prev parent reply other threads:[~2020-03-20 13:49 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-03-11 7:47 [PATCH] media: rc: Use scnprintf() for avoiding potential buffer overflow Takashi Iwai
2020-03-19 15:57 ` Takashi Iwai
2020-03-20 13:49 ` Sean Young [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200320134955.GA21882@gofer.mess.org \
--to=sean@mess.org \
--cc=linux-media@vger.kernel.org \
--cc=mchehab@kernel.org \
--cc=tiwai@suse.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).