diff options
| author | Lee Jones <lee@kernel.org> | 2023-11-30 11:54:37 +0100 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2023-12-04 14:25:17 +0100 |
| commit | 7d7f794482b74e39d8c0cd830333eb40fc0234d4 (patch) | |
| tree | c213aed1a83100e38baacc6566e5159354d6f293 /README | |
| parent | usb: cdnsp: Replace snprintf() with the safer scnprintf() variant (diff) | |
| download | linux-7d7f794482b74e39d8c0cd830333eb40fc0234d4.tar.xz linux-7d7f794482b74e39d8c0cd830333eb40fc0234d4.zip | |
usb: fotg210-hcd: Replace snprintf() with the safer scnprintf() variant
There is a general misunderstanding amongst engineers that {v}snprintf()
returns the length of the data *actually* encoded into the destination
array. However, as per the C99 standard {v}snprintf() really returns
the length of the data that *would have been* written if there were
enough space for it. This misunderstanding has led to buffer-overruns
in the past. It's generally considered safer to use the {v}scnprintf()
variants in their place (or even sprintf() in simple cases). So let's
do that.
The uses in this file both seem to assume that data *has been* written!
Link: https://lwn.net/Articles/69419/
Link: https://github.com/KSPP/linux/issues/105
Cc: Linus Walleij <linus.walleij@linaro.org>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Yuan-Hsin Chen <yhchen@faraday-tech.com>
Cc: Feng-Hsin Chiang <john453@faraday-tech.com>
Cc: Po-Yu Chuang <ratbert.chuang@gmail.com>
Cc: linux-usb@vger.kernel.org
Signed-off-by: Lee Jones <lee@kernel.org>
Reviewed-by: Linus Walleij <linus.walleij@linaro.org>
Link: https://lore.kernel.org/r/20231130105459.3208986-4-lee@kernel.org
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'README')
0 files changed, 0 insertions, 0 deletions