iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

usbip: Fix sscanf handling

Browse Source 
Scan only to the length permitted by the buffer

One of a set of sscanf problems noted by Jackie Chang

Signed-off-by: Alan Cox <alan@linux.intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
This commit is contained in:
Alan
2013-12-11 18:32:59 +00:00
committed by Greg Kroah-Hartman
parent 66a01f1158
commit 2d32927127
2 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
drivers/staging/usbip/userspace/libsrc/usbip_common.c
View File

@@ -165,7 +165,7 @@ int read_attr_speed(struct sysfs_device *dev)
goto err; goto err;
} }
ret = sscanf(attr->value, "%s\n", speed); ret = sscanf(attr->value, "%99s\n", speed);
if (ret < 1) { if (ret < 1) {
dbg("sscanf failed"); dbg("sscanf failed");
goto err; goto err;

2
drivers/staging/usbip/userspace/libsrc/vhci_driver.c
View File

@@ -72,7 +72,7 @@ static int parse_status(char *value)
unsigned long socket; unsigned long socket;
char lbusid[SYSFS_BUS_ID_SIZE]; char lbusid[SYSFS_BUS_ID_SIZE];
ret = sscanf(c, "%d %d %d %x %lx %s\n", ret = sscanf(c, "%d %d %d %x %lx %31s\n",
&port, &status, &speed, &port, &status, &speed,
&devid, &socket, lbusid); &devid, &socket, lbusid);