lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20170525064627.GA7597@kroah.com>
Date:   Thu, 25 May 2017 08:46:27 +0200
From:   Greg KH <gregkh@...uxfoundation.org>
To:     Harinath Nampally <harinath922@...il.com>
Cc:     lars@...afoo.de, devel@...verdev.osuosl.org,
        Michael.Hennerich@...log.com, linux-iio@...r.kernel.org,
        linux-kernel@...r.kernel.org, pmeerw@...erw.net, knaack.h@....de,
        jic23@...nel.org
Subject: Re: [PATCH] staging: iio: light: Replace snprintf calls with
 scnprintf

On Wed, May 24, 2017 at 07:22:11PM -0400, Harinath Nampally wrote:
> This patch fixes the miscoded use of return value of snprintf
> by using the scnprintf function which returns the length of actual
> string created in the buffer.
> 
> Signed-off-by: Harinath Nampally <harinath922@...il.com>
> ---
>  drivers/staging/iio/light/tsl2x7x.c | 20 ++++++++++----------
>  1 file changed, 10 insertions(+), 10 deletions(-)
> 
> diff --git a/drivers/staging/iio/light/tsl2x7x.c b/drivers/staging/iio/light/tsl2x7x.c
> index 1467199..6908bc1 100644
> --- a/drivers/staging/iio/light/tsl2x7x.c
> +++ b/drivers/staging/iio/light/tsl2x7x.c
> @@ -921,7 +921,7 @@ static ssize_t power_state_show(struct device *dev,
>  {
>  	struct tsl2X7X_chip *chip = iio_priv(dev_to_iio_dev(dev));
>  
> -	return snprintf(buf, PAGE_SIZE, "%d\n", chip->tsl2x7x_chip_status);
> +	return scnprintf(buf, PAGE_SIZE, "%d\n", chip->tsl2x7x_chip_status);

It should just be sprintf(), no need for testing for PAGE_SIZE for sysfs
attributes, we "know" an integer will not overflow that buffer.

thanks,

greg k-h

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ