Commit 75a384ce authored by Dan Carpenter's avatar Dan Carpenter Committed by Jakub Kicinski
Browse files

ptp: prevent string overflow 



The ida_alloc_max() function can return up to INT_MAX so this buffer is
not large enough.  Also use snprintf() for extra safety.

Fixes: 403376dd ("ptp: add debugfs interface to see applied channel masks")
Signed-off-by: default avatarDan Carpenter <dan.carpenter@linaro.org>
Reviewed-by: default avatarPrzemek Kitszel <przemyslaw.kitszel@intel.com>
Link: https://lore.kernel.org/r/d4b1a995-a0cb-4125-aa1d-5fd5044aba1d@moroto.mountain


Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
parent 041c3466

drivers/ptp/ptp_clock.c

+2 −2
Original line number Diff line number Diff line
@@ -220,7 +220,7 @@ struct ptp_clock *ptp_clock_register(struct ptp_clock_info *info, 
	struct ptp_clock *ptp;

	struct timestamp_event_queue *queue = NULL;

	int err = 0, index, major = MAJOR(ptp_devt);

	char debugfsname[8];

	char debugfsname[16];

	size_t size;



	if (info->n_alarm > PTP_MAX_ALARMS)
@@ -343,7 +343,7 @@ struct ptp_clock *ptp_clock_register(struct ptp_clock_info *info, 
	}



	/* Debugfs initialization */

	sprintf(debugfsname, "ptp%d", ptp->index);

	snprintf(debugfsname, sizeof(debugfsname), "ptp%d", ptp->index);

	ptp->debugfs_root = debugfs_create_dir(debugfsname, NULL);



	return ptp;