thunderbolt: Use scnprintf() for avoiding potential buffer overflow

Since snprintf() returns the would-be-output size instead of the
actual output size, the succeeding calls may go beyond the given
buffer limit.  Fix it by replacing with scnprintf().

Signed-off-by: Takashi Iwai <tiwai@suse.de>
Signed-off-by: Mika Westerberg <mika.westerberg@linux.intel.com>
This commit is contained in:
Takashi Iwai 2020-03-11 10:28:07 +01:00 committed by Mika Westerberg
parent 3084ea9ea8
commit 3010518964

View File

@ -147,10 +147,10 @@ static ssize_t boot_acl_show(struct device *dev, struct device_attribute *attr,
for (ret = 0, i = 0; i < tb->nboot_acl; i++) {
if (!uuid_is_null(&uuids[i]))
ret += snprintf(buf + ret, PAGE_SIZE - ret, "%pUb",
ret += scnprintf(buf + ret, PAGE_SIZE - ret, "%pUb",
&uuids[i]);
ret += snprintf(buf + ret, PAGE_SIZE - ret, "%s",
ret += scnprintf(buf + ret, PAGE_SIZE - ret, "%s",
i < tb->nboot_acl - 1 ? "," : "\n");
}