ipr: Fix out-of-bounds null overwrite
Return value of snprintf is not bound by size value, 2nd argument. (https://www.kernel.org/doc/htmldocs/kernel-api/API-snprintf.html). Return value is number of printed chars, can be larger than 2nd argument. Therefore, it can write null byte out of bounds ofbuffer. Since snprintf puts null, it does not need to put additional null byte. Signed-off-by: NInsu Yun <wuninsu@gmail.com> Reviewed-by: NShane Seymour <shane.seymour@hpe.com> Signed-off-by: NMartin K. Petersen <martin.petersen@oracle.com>
Showing
想要评论请 注册 或 登录