tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

video: omap2: Use scnprintf() for avoiding potential buffer overflow

Since snprintf() returns the would-be-output size instead of the
actual output size, the succeeding calls may go beyond the given
buffer limit. Fix it by replacing with scnprintf().

Signed-off-by: Takashi Iwai <tiwai@suse.de>
Signed-off-by: Bartlomiej Zolnierkiewicz <b.zolnierkie@samsung.com>
Link: https://patchwork.freedesktop.org/patch/msgid/20200311093230.24900-3-tiwai@suse.de

authored by

Takashi Iwai and committed by
Bartlomiej Zolnierkiewicz 42f21e54 bf1b615a

+4 -4
+4 -4
drivers/video/fbdev/omap2/omapfb/omapfb-sysfs.c
··· 147 147 if (ovl == fbdev->overlays[ovlnum]) 148 148 break; 149 149 150 - l += snprintf(buf + l, PAGE_SIZE - l, "%s%d", 150 + l += scnprintf(buf + l, PAGE_SIZE - l, "%s%d", 151 151 t == 0 ? "" : ",", ovlnum); 152 152 } 153 153 154 - l += snprintf(buf + l, PAGE_SIZE - l, "\n"); 154 + l += scnprintf(buf + l, PAGE_SIZE - l, "\n"); 155 155 156 156 omapfb_unlock(fbdev); 157 157 unlock_fb_info(fbi); ··· 328 328 lock_fb_info(fbi); 329 329 330 330 for (t = 0; t < ofbi->num_overlays; t++) { 331 - l += snprintf(buf + l, PAGE_SIZE - l, "%s%d", 331 + l += scnprintf(buf + l, PAGE_SIZE - l, "%s%d", 332 332 t == 0 ? "" : ",", ofbi->rotation[t]); 333 333 } 334 334 335 - l += snprintf(buf + l, PAGE_SIZE - l, "\n"); 335 + l += scnprintf(buf + l, PAGE_SIZE - l, "\n"); 336 336 337 337 unlock_fb_info(fbi); 338 338