parport: Proper fix for array out-of-bounds access (02ac3a9e) · Commits · linux-arm / linux-rr

Commit 02ac3a9e authored Sep 20, 2024 by Takashi Iwai Committed by Greg Kroah-Hartman Oct 13, 2024

parport: Proper fix for array out-of-bounds access



The recent fix for array out-of-bounds accesses replaced sprintf()
calls blindly with snprintf().  However, since snprintf() returns the
would-be-printed size, not the actually output size, the length
calculation can still go over the given limit.

Use scnprintf() instead of snprintf(), which returns the actually
output letters, for addressing the potential out-of-bounds access
properly.

Fixes: ab11dac9 ("dev/parport: fix the array out-of-bounds risk")
Cc: stable@vger.kernel.org
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Link: https://lore.kernel.org/r/20240920103318.19271-1-tiwai@suse.de


Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

parent 7528cb0f

Hide whitespace changes

Inline Side-by-side

Please register or to comment

Admin message

parport: Proper fix for array out-of-bounds access