From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752866AbcAETww (ORCPT ); Tue, 5 Jan 2016 14:52:52 -0500 Received: from smtp.codeaurora.org ([198.145.29.96]:44651 "EHLO smtp.codeaurora.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752045AbcAETwt (ORCPT ); Tue, 5 Jan 2016 14:52:49 -0500 Date: Tue, 5 Jan 2016 11:52:47 -0800 From: Stephen Boyd To: Viresh Kumar Cc: Rafael Wysocki , linaro-kernel@lists.linaro.org, linux-pm@vger.kernel.org, Geert Uytterhoeven , Greg Kroah-Hartman , Len Brown , open list , Nishanth Menon , Pavel Machek , Viresh Kumar Subject: Re: [PATCH] PM / OPP: Use snprintf() instead of sprintf() Message-ID: <20160105195247.GD22188@codeaurora.org> References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.21 (2010-09-15) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 01/05, Viresh Kumar wrote: > sprintf() can access memory outside of the range of the character array, > and is risky in some situations. The driver specified prop_name string > can be longer than NAME_MAX here (only an attacker will do that though) > and so blindly copying it into the character array of size NAME_MAX > isn't safe. Instead we must use snprintf() here. > > Reported-by: Geert Uytterhoeven > Signed-off-by: Viresh Kumar > --- Acked-by: Stephen Boyd -- Qualcomm Innovation Center, Inc. is a member of Code Aurora Forum, a Linux Foundation Collaborative Project