[PATCH V3] regulator: core: replace sprintf with scnprintf
From: Stefan Wahren
Date: Wed Jun 10 2015 - 02:13:49 EST
In order to avoid potential overflows in print_constraints we
better replace sprintf() with scnprintf().
Signed-off-by: Stefan Wahren <stefan.wahren@xxxxxxxx>
---
drivers/regulator/core.c | 43 ++++++++++++++++++++++++-------------------
1 file changed, 24 insertions(+), 19 deletions(-)
Changes in V3:
- rebase on fix/core since uV_offset issue is already fixed
Changes in V2:
- add fix for buffer overflow which had been noticed by Joe Perches
diff --git a/drivers/regulator/core.c b/drivers/regulator/core.c
index 53ed2d4..0efcbfb 100644
--- a/drivers/regulator/core.c
+++ b/drivers/regulator/core.c
@@ -780,58 +780,63 @@ static void print_constraints(struct regulator_dev *rdev)
{
struct regulation_constraints *constraints = rdev->constraints;
char buf[160] = "";
+ size_t len = sizeof(buf) - 1;
int count = 0;
int ret;
if (constraints->min_uV && constraints->max_uV) {
if (constraints->min_uV == constraints->max_uV)
- count += sprintf(buf + count, "%d mV ",
- constraints->min_uV / 1000);
+ count += scnprintf(buf + count, len - count, "%d mV ",
+ constraints->min_uV / 1000);
else
- count += sprintf(buf + count, "%d <--> %d mV ",
- constraints->min_uV / 1000,
- constraints->max_uV / 1000);
+ count += scnprintf(buf + count, len - count,
+ "%d <--> %d mV ",
+ constraints->min_uV / 1000,
+ constraints->max_uV / 1000);
}
if (!constraints->min_uV ||
constraints->min_uV != constraints->max_uV) {
ret = _regulator_get_voltage(rdev);
if (ret > 0)
- count += sprintf(buf + count, "at %d mV ", ret / 1000);
+ count += scnprintf(buf + count, len - count,
+ "at %d mV ", ret / 1000);
}
if (constraints->uV_offset)
- count += sprintf(buf + count, "%dmV offset ",
- constraints->uV_offset / 1000);
+ count += scnprintf(buf + count, len - count, "%dmV offset ",
+ constraints->uV_offset / 1000);
if (constraints->min_uA && constraints->max_uA) {
if (constraints->min_uA == constraints->max_uA)
- count += sprintf(buf + count, "%d mA ",
- constraints->min_uA / 1000);
+ count += scnprintf(buf + count, len - count, "%d mA ",
+ constraints->min_uA / 1000);
else
- count += sprintf(buf + count, "%d <--> %d mA ",
- constraints->min_uA / 1000,
- constraints->max_uA / 1000);
+ count += scnprintf(buf + count, len - count,
+ "%d <--> %d mA ",
+ constraints->min_uA / 1000,
+ constraints->max_uA / 1000);
}
if (!constraints->min_uA ||
constraints->min_uA != constraints->max_uA) {
ret = _regulator_get_current_limit(rdev);
if (ret > 0)
- count += sprintf(buf + count, "at %d mA ", ret / 1000);
+ count += scnprintf(buf + count, len - count,
+ "at %d mA ", ret / 1000);
}
if (constraints->valid_modes_mask & REGULATOR_MODE_FAST)
- count += sprintf(buf + count, "fast ");
+ count += scnprintf(buf + count, len - count, "fast ");
if (constraints->valid_modes_mask & REGULATOR_MODE_NORMAL)
- count += sprintf(buf + count, "normal ");
+ count += scnprintf(buf + count, len - count, "normal ");
if (constraints->valid_modes_mask & REGULATOR_MODE_IDLE)
- count += sprintf(buf + count, "idle ");
+ count += scnprintf(buf + count, len - count, "idle ");
if (constraints->valid_modes_mask & REGULATOR_MODE_STANDBY)
- count += sprintf(buf + count, "standby");
+ count += scnprintf(buf + count, len - count, "standby");
if (!count)
- sprintf(buf, "no parameters");
+ scnprintf(buf, len, "no parameters");
rdev_dbg(rdev, "%s\n", buf);
--
1.7.9.5
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/