Re: [PATCH] hwmon: (cros_ec) Prevent read overflow in probe()
From: Thomas Weißschuh
Date: Thu Jun 06 2024 - 10:57:23 EST
Thanks!
On 2024-06-06 16:12:11+0000, Dan Carpenter wrote:
> The "resp.sensor_name" comes from cros_ec_cmd() and it hasn't necessarily
> been NUL terminated. We had not intended to read past "sensor_name_size"
> bytes, however, there is a width vs precision bug in the format string.
> The format needs to be precision '%.*s' instead of width '%*s'.
> Precision prevents an out of bounds read, but width is a no-op.
>
> Fixes: bc3e45258096 ("hwmon: add ChromeOS EC driver")
> Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
Acked-by: Thomas Weißschuh <linux@xxxxxxxxxxxxxx>
devm_kstrndup() would have been nice.
Thomas