summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTakashi Iwai <tiwai@suse.de>2020-03-11 08:16:06 +0100
committerVinod Koul <vkoul@kernel.org>2020-03-11 10:40:45 +0100
commit3a5a8a27545ddd8bbdcc9241230a2eed4e81c931 (patch)
tree4653fe3db4a5f98e100289db3b8d4d537289121b
parentdmaengine: idxd: remove global token limit check (diff)
downloadlinux-3a5a8a27545ddd8bbdcc9241230a2eed4e81c931.tar.xz
linux-3a5a8a27545ddd8bbdcc9241230a2eed4e81c931.zip
dmaengine: ppc4xx: Use scnprintf() for avoiding potential buffer overflow
Since snprintf() returns the would-be-output size instead of the actual output size, the succeeding calls may go beyond the given buffer limit. Fix it by replacing with scnprintf(). Signed-off-by: Takashi Iwai <tiwai@suse.de> Link: https://lore.kernel.org/r/20200311071606.4485-1-tiwai@suse.de Signed-off-by: Vinod Koul <vkoul@kernel.org>
-rw-r--r--drivers/dma/ppc4xx/adma.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/drivers/dma/ppc4xx/adma.c b/drivers/dma/ppc4xx/adma.c
index fbabd2e88a18..4db000d5f01c 100644
--- a/drivers/dma/ppc4xx/adma.c
+++ b/drivers/dma/ppc4xx/adma.c
@@ -4303,7 +4303,7 @@ static ssize_t devices_show(struct device_driver *dev, char *buf)
for (i = 0; i < PPC440SPE_ADMA_ENGINES_NUM; i++) {
if (ppc440spe_adma_devices[i] == -1)
continue;
- size += snprintf(buf + size, PAGE_SIZE - size,
+ size += scnprintf(buf + size, PAGE_SIZE - size,
"PPC440SP(E)-ADMA.%d: %s\n", i,
ppc_adma_errors[ppc440spe_adma_devices[i]]);
}