ACPI: PCI: Use scnprintf() for avoiding potential buffer overflow

Since snprintf() returns the would-be-output size instead of the actual output size, the succeeding calls may go beyond the given buffer limit. Fix it by replacing with scnprintf(). Signed-off-by: Takashi Iwai <tiwai@suse.de> Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
author: Takashi Iwai <tiwai@suse.de> 2020-03-11 08:09:58 +0100
committer: Rafael J. Wysocki <rafael.j.wysocki@intel.com> 2020-03-14 11:15:10 +0100
commit: edd66086449cdc2763d14afc65cd2023bf37306a (patch)
tree: 6d1060a8d1d244f8d6494a705b539045a0471fe0 /drivers/acpi
parent: Linux 5.6-rc5 (diff)
download: linux-dev-edd66086449cdc2763d14afc65cd2023bf37306a.tar.xz
linux-dev-edd66086449cdc2763d14afc65cd2023bf37306a.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/drivers/acpi/pci_root.c b/drivers/acpi/pci_root.c
index d1e666ef3fcc..f92df2533e7e 100644
--- a/drivers/acpi/pci_root.c
+++ b/drivers/acpi/pci_root.c
@@ -153,7 +153,7 @@ static void decode_osc_bits(struct acpi_pci_root *root, char *msg, u32 word,
 	buf[0] = '\0';
 	for (i = 0, entry = table; i < size; i++, entry++)
 		if (word & entry->bit)
-			len += snprintf(buf + len, sizeof(buf) - len, "%s%s",
+			len += scnprintf(buf + len, sizeof(buf) - len, "%s%s",
 					len ? " " : "", entry->desc);
 
 	dev_info(&root->device->dev, "_OSC: %s [%s]\n", msg, buf);
author	Takashi Iwai <tiwai@suse.de>	2020-03-11 08:09:58 +0100
committer	Rafael J. Wysocki <rafael.j.wysocki@intel.com>	2020-03-14 11:15:10 +0100
commit	edd66086449cdc2763d14afc65cd2023bf37306a (patch)
tree	6d1060a8d1d244f8d6494a705b539045a0471fe0 /drivers/acpi
parent	Linux 5.6-rc5 (diff)
download	linux-dev-edd66086449cdc2763d14afc65cd2023bf37306a.tar.xz linux-dev-edd66086449cdc2763d14afc65cd2023bf37306a.zip