Re: [PATCH] ACPI: NFIT: limit string attribute write

From: Ben Dooks
Date: Tue Jul 11 2023 - 04:36:52 EST


On 05/07/2023 19:34, Dave Jiang wrote:


On 7/4/23 01:17, Ben Dooks wrote:
If we're writing what could be an arbitrary sized string into an attribute
we should probably use snprintf() just to be safe. Most of the other
attriubtes are some sort of integer so unlikely to be an issue so not
altered at this time.

Signed-off-by: Ben Dooks <ben.dooks@xxxxxxxxxxxxxxx>
---
  drivers/acpi/nfit/core.c | 2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/acpi/nfit/core.c b/drivers/acpi/nfit/core.c
index 9213b426b125..d7e9d9cd16d2 100644
--- a/drivers/acpi/nfit/core.c
+++ b/drivers/acpi/nfit/core.c
@@ -1579,7 +1579,7 @@ static ssize_t id_show(struct device *dev,
  {
      struct nfit_mem *nfit_mem = to_nfit_mem(dev);
-    return sprintf(buf, "%s\n", nfit_mem->id);
+    return snprintf(buf, PAGE_SIZE, "%s\n", nfit_mem->id);

Why not just convert it to sysfs_emit()?

I'll look into that.

--
Ben Dooks http://www.codethink.co.uk/
Senior Engineer Codethink - Providing Genius

https://www.codethink.co.uk/privacy.html