Re: [PATCH v2 3/3] staging: rtl8723bs: os_dep: Replace sprintf with scnprintf

2021-03-01 Thread Candy Febriyanto
On Mon, Mar 01, 2021 at 06:07:25PM +0300, Dan Carpenter wrote: > On Mon, Mar 01, 2021 at 10:00:11PM +0700, Candy Febriyanto wrote: > > The use of sprintf with format string here means that there is a risk > > that the writes will go out of bounds, replace it with scnprintf. >

[PATCH v2 2/3] staging: rtl8723bs: hal: Replace sprintf with scnprintf

2021-03-01 Thread Candy Febriyanto
The use of sprintf with format string here means that there is a risk that the writes will go out of bounds, replace it with scnprintf. Also avoid unnecessarily passing "%s" on some of the function calls. Signed-off-by: Candy Febriyanto Reviewed-by: Hans de Goede --- drivers/staging

[PATCH v2 3/3] staging: rtl8723bs: os_dep: Replace sprintf with scnprintf

2021-03-01 Thread Candy Febriyanto
er "p", remove it. Signed-off-by: Candy Febriyanto --- Changed since V1: - Dan Carpenter: assign the return value of scnprintf to the length variable instead of calling strlen .../staging/rtl8723bs/os_dep/ioctl_linux.c| 23 +-- drivers/staging/rtl8723bs/os_dep/ml

[PATCH v2 1/3] staging: rtl8723bs: core: Replace sprintf with scnprintf

2021-03-01 Thread Candy Febriyanto
The use of sprintf with format string here means that there is a risk that the writes will go out of bounds, replace it with scnprintf. In on_action_public_default the variable "cnt" isn't being used for anything meaningful so remove it. Signed-off-by: Candy Febriyanto Revie

[PATCH v2 0/3] staging: rtl8723bs: Replace sprintf with scnprintf

2021-03-01 Thread Candy Febriyanto
This patchset replaces most calls to sprintf with scnprintf, thereby preventing potential buffer overflows. The rest I left alone because they write to a buffer passed by a caller that doesn't pass its size alongside it. Candy Febriyanto (3): staging: rtl8723bs: core: Replace sprintf

Re: [PATCH 0/3] staging: rtl8723bs: Replace sprintf with scnprintf

2021-03-01 Thread Candy Febriyanto
On Mon, Mar 01, 2021 at 02:45:00PM +0100, Hans de Goede wrote: > Hi, > > On 3/1/21 2:12 PM, Candy Febriyanto wrote: > > This patchset replaces most calls to sprintf with scnprintf, thereby > > preventing potential buffer overflows. The rest I left alone because > > th

Re: [PATCH 3/3] staging: rtl8723bs: os_dep: Replace sprintf with scnprintf

2021-03-01 Thread Candy Febriyanto
On Mon, Mar 01, 2021 at 04:41:09PM +0300, Dan Carpenter wrote: > On Mon, Mar 01, 2021 at 08:13:54PM +0700, Candy Febriyanto wrote: > > @@ -5082,7 +5084,7 @@ static int rtw_ioctl_wext_private(struct net_device > > *dev, union iwreq_data *wrq_ > > c

[PATCH 3/3] staging: rtl8723bs: os_dep: Replace sprintf with scnprintf

2021-03-01 Thread Candy Febriyanto
er "p", remove it. Signed-off-by: Candy Febriyanto --- .../staging/rtl8723bs/os_dep/ioctl_linux.c| 20 ++- drivers/staging/rtl8723bs/os_dep/mlme_linux.c | 6 +++--- 2 files changed, 14 insertions(+), 12 deletions(-) diff --git a/drivers/staging/rtl8723bs/os_dep/i

[PATCH 2/3] staging: rtl8723bs: hal: Replace sprintf with scnprintf

2021-03-01 Thread Candy Febriyanto
The use of sprintf with format string here means that there is a risk that the writes will go out of bounds, replace it with scnprintf. Also avoid unnecessarily passing "%s" on some of the function calls. Signed-off-by: Candy Febriyanto --- drivers/staging/rtl8723bs/hal/hal_

[PATCH 1/3] staging: rtl8723bs: core: Replace sprintf with scnprintf

2021-03-01 Thread Candy Febriyanto
The use of sprintf with format string here means that there is a risk that the writes will go out of bounds, replace it with scnprintf. In on_action_public_default the variable "cnt" isn't being used for anything meaningful so remove it. Signed-off-by: Candy Febriyanto ---

[PATCH 0/3] staging: rtl8723bs: Replace sprintf with scnprintf

2021-03-01 Thread Candy Febriyanto
This patchset replaces most calls to sprintf with scnprintf, thereby preventing potential buffer overflows. The rest I left alone because they write to a buffer passed by a caller that doesn't pass its size alongside it. Candy Febriyanto (3): staging: rtl8723bs: core: Replace sprintf