block: aoe: Use scnprintf() for avoiding potential buffer overflow (03485104) · Commits · 戴 / test

Since snprintf() returns the would-be-output size instead of the actual output size, the succeeding calls may go beyond the given buffer limit. Fix it by replacing with scnprintf(). Signed-off-by:

Takashi Iwai <tiwai@suse.de> Signed-off-by:

Jens Axboe <axboe@kernel.dk>

drivers/block/aoe/aoeblk.c

+2 −2

Original line number	Diff line number	Diff line
		@@ -87,9 +87,9 @@ static ssize_t aoedisk_show_netif(struct device *dev,
		if (*nd == NULL)
		return snprintf(page, PAGE_SIZE, "none\n");
		for (p = page; nd < ne; nd++)
		p += snprintf(p, PAGE_SIZE - (p-page), "%s%s",
		p += scnprintf(p, PAGE_SIZE - (p-page), "%s%s",
		p == page ? "" : ",", (*nd)->name);
		p += snprintf(p, PAGE_SIZE - (p-page), "\n");
		p += scnprintf(p, PAGE_SIZE - (p-page), "\n");
		return p-page;
		}
		/* firmware version */

Admin message