lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20150424112413.GA13642@visteon-gnana>
Date:	Fri, 24 Apr 2015 11:22:24 +0000
From:	"DHANAPAL, GNANACHANDRAN (G.)" <gdhanapa@...teon.com>
To:	"gregkh@...uxfoundation.org" <gregkh@...uxfoundation.org>
CC:	"lidza.louina@...il.com" <lidza.louina@...il.com>,
	"markh@...pro.net" <markh@...pro.net>,
	"driverdev-devel@...uxdriverproject.org" 
	<driverdev-devel@...uxdriverproject.org>,
	"devel@...verdev.osuosl.org" <devel@...verdev.osuosl.org>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"Babu, Viswanathan (V.)" <vbabu3@...teon.com>,
	"gnanachandran@...il.com" <gnanachandran@...il.com>
Subject: [PATCH] Staging: dgnc: Replace snprintf instead of sprintf

This patch replaces snprintf instead of sprintf to avoid buffer overflow

Signed-off-by: Gnanachandran Dhanapal <gdhanapa@...teon.com>
---
 drivers/staging/dgnc/dgnc_mgmt.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/staging/dgnc/dgnc_mgmt.c b/drivers/staging/dgnc/dgnc_mgmt.c
index b13318a..aa20a66 100644
--- a/drivers/staging/dgnc/dgnc_mgmt.c
+++ b/drivers/staging/dgnc/dgnc_mgmt.c
@@ -116,7 +116,7 @@ long dgnc_mgmt_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
 		spin_lock_irqsave(&dgnc_global_lock, flags);
 
 		ddi.dinfo_nboards = dgnc_NumBoards;
-		sprintf(ddi.dinfo_version, "%s", DG_PART);
+		snprintf(ddi.dinfo_version, strlen(DG_PART)+1, "%s", DG_PART);
 
 		spin_unlock_irqrestore(&dgnc_global_lock, flags);
 
-- 
1.7.9.5
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ