mwifiex: fix mwifiex_rdeeprom_read()
There were several bugs here. 1) The done label was in the wrong place so we didn't copy any information out when there was no command given. 2) We were using PAGE_SIZE as the size of the buffer instead of "PAGE_SIZE - pos". 3) snprintf() returns the number of characters that would have been printed if there were enough space. If there was not enough space (and we had fixed the memory corruption bug #2) then it would result in an information leak when we do simple_read_from_buffer(). I've changed it to use scnprintf() instead. I also removed the initialization at the start of the function, because I thought it made the code a little more clear. Fixes: 5e6e3a92 ('wireless: mwifiex: initial commit for Marvell mwifiex driver') Signed-off-by: NDan Carpenter <dan.carpenter@oracle.com> Acked-by: NAmitkumar Karwar <akarwar@marvell.com> Signed-off-by: NKalle Valo <kvalo@codeaurora.org>
Showing
想要评论请 注册 或 登录