Re: [PATCH v2] ASoC: Intel: avs: Fix potential buffer overflow by snprintf()

Next message: Denis Benato: "Re: [PATCH v17 0/9] platform/x86: Add asus-armoury driver"
Previous message: Doug Anderson: "Re: [PATCH 1/4] dt-bindings: arm: google: Add bindings for frankel/blazer/mustang"
In reply to: hariconscious: "[PATCH v2] ASoC: Intel: avs: Fix potential buffer overflow by snprintf()"
Next in thread: Mark Brown: "Re: [PATCH v2] ASoC: Intel: avs: Fix potential buffer overflow by snprintf()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Greg KH

Date: Wed Nov 12 2025 - 14:20:25 EST

On Wed, Nov 12, 2025 at 11:48:51PM +0530, hariconscious@xxxxxxxxx wrote:
> From: HariKrishna Sagala <hariconscious@xxxxxxxxx>
>
> snprintf() returns the would-be-filled size when the string overflows
> the given buffer size, hence using this value may result in a buffer
> overflow (although it's unrealistic).

unrealistic == impossible

So why make this change at all?

> This patch replaces it with a safer version, scnprintf() for papering
> over such a potential issue.

Don't "paper over", actually fix real things.

> Link: https://github.com/KSPP/linux/issues/105
> 'Fixes: 5a565ba23abe ("ASoC: Intel: avs: Probing and firmware tracing
> over debugfs")'

No, this is not a "fix".

Also please do not wrap lines of fixes tags.

thanks,

greg k-h