On Thu, Sep 26, 2002 at 02:33:50AM +0200, Andi Kleen wrote:
> David Brownell <david-b@pacbell.net> writes:
>=20
> > > + /* stuff we want to pass to /sbin/hotplug */
> > > + envp[i++] =3D scratch;
> > > + scratch +=3D sprintf (scratch, "PCI_CLASS=3D%04X", pdev->class) + 1;
> > > +
> > > + envp[i++] =3D scratch;
> > > + scratch +=3D sprintf (scratch, "PCI_ID=3D%04X:%04X",
> > > + pdev->vendor, pdev->device) + 1;
> >=20
> > And so forth. Use "snprintf" and prevent overrunning those buffers...
>=20
> Hmm? An %04X format is perfectly bounded.
Technically, it isn't bounded. The field will expand if the value exceeds
4 digits. =20
However, these values can't do that. At least not now.
But, as a good programming practice, snprintf should be used. Heck, PCI
3.0 might use 32-bit vendor and device values, instead of 8 bit. So, if
nothing else, do it as insurance for the future.
Matt
--=20
Matthew Dharm Home: mdharm-usb@one-eyed-alien.=
net=20
Maintainer, Linux USB Mass Storage Driver
It was a new hope.
-- Dust Puppy
User Friendly, 12/25/1998
--9amGYk9869ThD9tj
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE9kljUIjReC7bSPZARAvs3AKDT+HwxRVufr7PO3aKyrzLe3I7uyACePruX
EMy0LeXlWRSVAhX/pNjfhuY=
=qip2
-----END PGP SIGNATURE-----
--9amGYk9869ThD9tj--
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/