Dan Carpenter <[email protected]> wrote: > It looks like we wanted to print a maximum of BSSList_rid.ssidLen bytes > of the ssid, but we accidentally use "%*s" (width) instead of "%.*s" > (precision) so if the ssid doesn't have a NUL terminator this could lead > to an overflow. > > Static analysis. Not tested. > > Fixes: e174961ca1a0 ("net: convert print_mac to %pM") > Signed-off-by: Dan Carpenter <[email protected]>
Patch applied to wireless-drivers-next.git, thanks. 3d39e1bb1c88 wireless: airo: potential buffer overflow in sprintf() -- https://patchwork.kernel.org/patch/10654389/ https://wireless.wiki.kernel.org/en/developers/documentation/submittingpatches
