Re: [PATCH] thermal: core: Replace sprintf in thermal_bind_cdev_to_trip

Next message: Mark Brown: "linux-next: build failure after merge of the block tree"
Previous message: Michal Luczaj: "Re: [PATCH bpf v3 5/5] bpf, sockmap: Adapt for af_unix-specific lock"
Next in thread: Rafael J. Wysocki: "Re: [PATCH] thermal: core: Replace sprintf in thermal_bind_cdev_to_trip"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Lukasz Luba

Date: Fri Mar 06 2026 - 09:12:56 EST

On 2/23/26 07:32, Thorsten Blum wrote:

Replace unbounded sprintf() with the safer snprintf(). While the
current code works correctly, snprintf() is safer and follows secure
coding best practices. No functional changes.

Agree

Signed-off-by: Thorsten Blum <thorsten.blum@xxxxxxxxx>
---
drivers/thermal/thermal_core.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/thermal/thermal_core.c b/drivers/thermal/thermal_core.c
index 17ca5c082643..89dd1666805f 100644
--- a/drivers/thermal/thermal_core.c
+++ b/drivers/thermal/thermal_core.c
@@ -861,7 +861,7 @@ static int thermal_bind_cdev_to_trip(struct thermal_zone_device *tz,
goto free_mem;
dev->id = result;
- sprintf(dev->name, "cdev%d", dev->id);
+ snprintf(dev->name, sizeof(dev->name), "cdev%d", dev->id);
result =
sysfs_create_link(&tz->device.kobj, &cdev->device.kobj, dev->name);
if (result)

LGTM, please add the tag and re-send so it's on top
so faster to pick-up for merging

Reviewed-by: Lukasz Luba <lukasz.luba@xxxxxxx>