Re: [PATCH] iio: force snprintf for PAGE_SIZE bufs
From: Jonathan Cameron
Date: Sat Mar 15 2014 - 10:44:56 EST
On 13/03/14 16:46, Kees Cook wrote:
This is a tiny preventative measure to make sure we can't write beyond
PAGE_SIZE on the buffers being used in sysfs for iio. There is currently
no way for this to happen, but the change makes this code more robust
for the future.
Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>
A sensible enough change I guess.
Applied to the togreg branch of iio.git
Jonathan
---
drivers/iio/industrialio-core.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/iio/industrialio-core.c b/drivers/iio/industrialio-core.c
index acc911a836ca..64bb64f35af8 100644
--- a/drivers/iio/industrialio-core.c
+++ b/drivers/iio/industrialio-core.c
@@ -340,7 +340,7 @@ ssize_t iio_enum_read(struct iio_dev *indio_dev,
else if (i >= e->num_items)
return -EINVAL;
- return sprintf(buf, "%s\n", e->items[i]);
+ return snprintf(buf, PAGE_SIZE, "%s\n", e->items[i]);
}
EXPORT_SYMBOL_GPL(iio_enum_read);
@@ -836,7 +836,7 @@ static ssize_t iio_show_dev_name(struct device *dev,
char *buf)
{
struct iio_dev *indio_dev = dev_to_iio_dev(dev);
- return sprintf(buf, "%s\n", indio_dev->name);
+ return snprintf(buf, PAGE_SIZE, "%s\n", indio_dev->name);
}
static DEVICE_ATTR(name, S_IRUGO, iio_show_dev_name, NULL);
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/