diff options
author | Dan Carpenter <error27@gmail.com> | 2010-09-04 10:33:03 +0200 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2010-09-07 03:29:19 +0200 |
commit | f417f5e4ba79a08e992c79a4bb84c8a8c5062017 (patch) | |
tree | 4142b1329e245ad62a144e0e6fedd64554b9af00 /drivers/isdn | |
parent | isdn: potential buffer overflows (diff) | |
download | linux-f417f5e4ba79a08e992c79a4bb84c8a8c5062017.tar.xz linux-f417f5e4ba79a08e992c79a4bb84c8a8c5062017.zip |
isdn: cleanup: make buffer smaller
This showed up in my audit because we use strcpy() to copy "ds" into a
32 character buffer inside the isdn_tty_dial() function. But it turns
out that we only ever use the first 32 characters so it's OK. I have
changed the declaration to make the static checkers happy.
Signed-off-by: Dan Carpenter <error27@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'drivers/isdn')
-rw-r--r-- | drivers/isdn/i4l/isdn_tty.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/drivers/isdn/i4l/isdn_tty.c b/drivers/isdn/i4l/isdn_tty.c index 51dc60da333b..f013ee15327c 100644 --- a/drivers/isdn/i4l/isdn_tty.c +++ b/drivers/isdn/i4l/isdn_tty.c @@ -3515,7 +3515,7 @@ isdn_tty_parse_at(modem_info * info) { atemu *m = &info->emu; char *p; - char ds[40]; + char ds[ISDN_MSNLEN]; #ifdef ISDN_DEBUG_AT printk(KERN_DEBUG "AT: '%s'\n", m->mdmcmd); @@ -3594,7 +3594,7 @@ isdn_tty_parse_at(modem_info * info) break; case '3': p++; - sprintf(ds, "\r\n%d", info->emu.charge); + snprintf(ds, sizeof(ds), "\r\n%d", info->emu.charge); isdn_tty_at_cout(ds, info); break; default:; |