Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit b0641e53 authored Sep 20, 2024 by Takashi Iwai Committed by Greg Kroah-Hartman Nov 08, 2024

parport: Proper fix for array out-of-bounds access



commit 02ac3a9ef3a18b58d8f3ea2b6e46de657bf6c4f9 upstream.

The recent fix for array out-of-bounds accesses replaced sprintf()
calls blindly with snprintf().  However, since snprintf() returns the
would-be-printed size, not the actually output size, the length
calculation can still go over the given limit.

Use scnprintf() instead of snprintf(), which returns the actually
output letters, for addressing the potential out-of-bounds access
properly.

Fixes: ab11dac93d2d ("dev/parport: fix the array out-of-bounds risk")
Cc: stable@vger.kernel.org
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Link: https://lore.kernel.org/r/20240920103318.19271-1-tiwai@suse.de


Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

parent 5ead5b44

Show whitespace changes

Inline Side-by-side

Manu Suresh @manu.suresh
mentioned in commit 8ee3ff60
· May 15, 2025

mentioned in commit 8ee3ff60

mentioned in commit 8ee3ff60103d85ad00366866387645645c52deeb

Toggle commit list

Please register or to comment