xfs: Use scnprintf() for avoiding potential buffer overflow
Since snprintf() returns the would-be-output size instead of the actual output size, the succeeding calls may go beyond the given buffer limit. Fix it by replacing with scnprintf(). Signed-off-by: Takashi Iwai <tiwai@suse.de> Reviewed-by: Darrick J. Wong <darrick.wong@oracle.com> Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
This commit is contained in:
Родитель
806d3909a5
Коммит
17bb60b741
|
@ -57,13 +57,13 @@ int xfs_stats_format(struct xfsstats __percpu *stats, char *buf)
|
|||
/* Loop over all stats groups */
|
||||
|
||||
for (i = j = 0; i < ARRAY_SIZE(xstats); i++) {
|
||||
len += snprintf(buf + len, PATH_MAX - len, "%s",
|
||||
len += scnprintf(buf + len, PATH_MAX - len, "%s",
|
||||
xstats[i].desc);
|
||||
/* inner loop does each group */
|
||||
for (; j < xstats[i].endpoint; j++)
|
||||
len += snprintf(buf + len, PATH_MAX - len, " %u",
|
||||
len += scnprintf(buf + len, PATH_MAX - len, " %u",
|
||||
counter_val(stats, j));
|
||||
len += snprintf(buf + len, PATH_MAX - len, "\n");
|
||||
len += scnprintf(buf + len, PATH_MAX - len, "\n");
|
||||
}
|
||||
/* extra precision counters */
|
||||
for_each_possible_cpu(i) {
|
||||
|
@ -72,9 +72,9 @@ int xfs_stats_format(struct xfsstats __percpu *stats, char *buf)
|
|||
xs_read_bytes += per_cpu_ptr(stats, i)->s.xs_read_bytes;
|
||||
}
|
||||
|
||||
len += snprintf(buf + len, PATH_MAX-len, "xpc %Lu %Lu %Lu\n",
|
||||
len += scnprintf(buf + len, PATH_MAX-len, "xpc %Lu %Lu %Lu\n",
|
||||
xs_xstrat_bytes, xs_write_bytes, xs_read_bytes);
|
||||
len += snprintf(buf + len, PATH_MAX-len, "debug %u\n",
|
||||
len += scnprintf(buf + len, PATH_MAX-len, "debug %u\n",
|
||||
#if defined(DEBUG)
|
||||
1);
|
||||
#else
|
||||
|
|
Загрузка…
Ссылка в новой задаче