scsi: megaraid_sas: Use scnprintf() for avoiding potential buffer overflow
Since snprintf() returns the would-be-output size instead of the actual output size, the succeeding calls may go beyond the given buffer limit. Fix it by replacing with scnprintf(). Also corrected the wrongly passed limit size. The remaining buffer size must be decremented. Link: https://lore.kernel.org/r/20200315094241.9086-7-tiwai@suse.de Cc: "James E . J . Bottomley" <jejb@linux.ibm.com> Cc: "Martin K . Petersen" <martin.petersen@oracle.com> Cc: Kashyap Desai <kashyap.desai@broadcom.com> Cc: Sumit Saxena <sumit.saxena@broadcom.com> Cc: Shivasharan S <shivasharan.srikanteshwara@broadcom.com> Cc: linux-scsi@vger.kernel.org Signed-off-by: Takashi Iwai <tiwai@suse.de> Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
This commit is contained in:
parent
6f0cf42474
commit
ff33d0e2b9
@ -2987,9 +2987,10 @@ megasas_dump_sys_regs(void __iomem *reg_set, char *buf)
|
||||
u32 __iomem *reg = (u32 __iomem *)reg_set;
|
||||
|
||||
for (i = 0; i < sz / sizeof(u32); i++) {
|
||||
bytes_wrote += snprintf(loc + bytes_wrote, PAGE_SIZE,
|
||||
"%08x: %08x\n", (i * 4),
|
||||
readl(®[i]));
|
||||
bytes_wrote += scnprintf(loc + bytes_wrote,
|
||||
PAGE_SIZE - bytes_wrote,
|
||||
"%08x: %08x\n", (i * 4),
|
||||
readl(®[i]));
|
||||
}
|
||||
return bytes_wrote;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user