On 01/05, Viresh Kumar wrote: > sprintf() can access memory outside of the range of the character array, > and is risky in some situations. The driver specified prop_name string > can be longer than NAME_MAX here (only an attacker will do that though) > and so blindly copying it into the character array of size NAME_MAX > isn't safe. Instead we must use snprintf() here. > > Reported-by: Geert Uytterhoeven <[email protected]> > Signed-off-by: Viresh Kumar <[email protected]> > ---
Acked-by: Stephen Boyd <[email protected]> -- Qualcomm Innovation Center, Inc. is a member of Code Aurora Forum, a Linux Foundation Collaborative Project -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
