Commit 15a28c7c authored by Masahiro Yamada's avatar Masahiro Yamada
Browse files

modpost: use snprintf() instead of sprintf() for safety 



Use snprintf() to avoid the potential buffer overflow, and also
check the return value to detect the too long path.

Signed-off-by: default avatarMasahiro Yamada <masahiroy@kernel.org>
Reviewed-by: default avatarNick Desaulniers <ndesaulniers@google.com>
parent f4d40868

scripts/mod/modpost.c

+7 −1
Original line number Diff line number Diff line
@@ -2560,6 +2560,7 @@ int main(int argc, char **argv) 


	for (mod = modules; mod; mod = mod->next) {

		char fname[PATH_MAX];

		int ret;



		if (mod->is_vmlinux || mod->from_dump)

			continue;
@@ -2578,7 +2579,12 @@ int main(int argc, char **argv) 
		add_moddevtable(&buf, mod);

		add_srcversion(&buf, mod);



		sprintf(fname, "%s.mod.c", mod->name);

		ret = snprintf(fname, sizeof(fname), "%s.mod.c", mod->name);

		if (ret >= sizeof(fname)) {

			error("%s: too long path was truncated\n", fname);

			continue;

		}



		write_if_changed(&buf, fname);

	}