Re: WARNING in hwahc_probe

From: Qiujun Huang
Date: Sun Mar 22 2020 - 03:54:10 EST

Next message: gtk_ruiwang: "[PATCH] media: mtk-vpu: load vpu firmware from the new location"
Previous message: Denis Osterland-Heim: "Re: [PATCH v4 3/5] leds: pwm: check result of led_pwm_set() in led_pwm_add()"
In reply to: syzbot: "WARNING in hwahc_probe"
Next in thread: Greg KH: "Re: WARNING in hwahc_probe"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The return value of snprintf is longer than expected if the string is
truncated. Bytes need to be checked here.

diff --git a/drivers/staging/wusbcore/host/hwa-hc.c
b/drivers/staging/wusbcore/host/hwa-hc.c
index 8d959e9..1475a48 100644
--- a/drivers/staging/wusbcore/host/hwa-hc.c
+++ b/drivers/staging/wusbcore/host/hwa-hc.c
@@ -680,10 +680,12 @@ static int hwahc_security_create(struct hwahc *hwahc)
break;
}
itr += etd->bLength;
- bytes += snprintf(buf + bytes, sizeof(buf) - bytes,
- "%s (0x%02x) ",
- wusb_et_name(etd->bEncryptionType),
- etd->bEncryptionValue);
+
+ if (sizeof(buf) > bytes)
+ bytes += snprintf(buf + bytes, sizeof(buf) - bytes,
+ "%s (0x%02x) ",
+ wusb_et_name(etd->bEncryptionType),
+ etd->bEncryptionValue);
wusbhc->ccm1_etd = etd;
}
dev_info(dev, "supported encryption types: %s\n", buf);

Next message: gtk_ruiwang: "[PATCH] media: mtk-vpu: load vpu firmware from the new location"
Previous message: Denis Osterland-Heim: "Re: [PATCH v4 3/5] leds: pwm: check result of led_pwm_set() in led_pwm_add()"
In reply to: syzbot: "WARNING in hwahc_probe"
Next in thread: Greg KH: "Re: WARNING in hwahc_probe"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]