Re: [PATCHv5 2/5] scsi: Export blacklist flags to sysfs

Bart Van Assche Tue, 26 Sep 2017 09:12:45 -0700

On Fri, 2017-09-22 at 08:04 +0200, Hannes Reinecke wrote:
> +static ssize_t
> +sdev_show_blacklist(struct device *dev, struct device_attribute *attr,
> +                 char *buf)
> +{


Please make this function accept the output buffer size as fourth argument.

> +             if (len)
> +                     len += snprintf(buf + len, 2, " ");
> +
> +             if (name)
> +                     len += snprintf(buf + len, strlen(name) + 1,
> +                                     "%s", name);
> +             else
> +                     len += snprintf(buf + len, 67,
> +                                     "INVALID_BIT(%d)", i);
+       }
> +     if (len)
> +             len += snprintf(buf + len, 2, "\n");

Please adjust the snprintf() statements such that no buffer overflow can be
triggered.

Thanks,

Bart.

Re: [PATCHv5 2/5] scsi: Export blacklist flags to sysfs

Reply via email to