The snprintf() function returns the number of characters (not
counting the NUL terminator) that it would have printed if we
had space.
This buffer has UBIFS_DFS_DIR_LEN characters plus one extra for
the terminator. Printing UBIFS_DFS_DIR_LEN is okay but anything
higher will result in truncation. Thus the comparison needs to be
change from == to >.
These strings are compile time constants so this patch doesn't
affect runtime.
Fixes: ae380ce04731 ("UBIFS: lessen the size of debugging info data structure")
Signed-off-by: Dan Carpenter <[email protected]>
---
drivers/mtd/ubi/debug.c | 2 +-
fs/ubifs/debug.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/mtd/ubi/debug.c b/drivers/mtd/ubi/debug.c
index ac2bdba8bb1a..3c0c8eca4d51 100644
--- a/drivers/mtd/ubi/debug.c
+++ b/drivers/mtd/ubi/debug.c
@@ -511,7 +511,7 @@ int ubi_debugfs_init_dev(struct ubi_device *ubi)
n = snprintf(d->dfs_dir_name, UBI_DFS_DIR_LEN + 1, UBI_DFS_DIR_NAME,
ubi->ubi_num);
- if (n == UBI_DFS_DIR_LEN) {
+ if (n > UBI_DFS_DIR_LEN) {
/* The array size is too small */
return -EINVAL;
}
diff --git a/fs/ubifs/debug.c b/fs/ubifs/debug.c
index 1bbb9fe661b1..fc718f6178f2 100644
--- a/fs/ubifs/debug.c
+++ b/fs/ubifs/debug.c
@@ -2824,7 +2824,7 @@ void dbg_debugfs_init_fs(struct ubifs_info *c)
n = snprintf(d->dfs_dir_name, UBIFS_DFS_DIR_LEN + 1, UBIFS_DFS_DIR_NAME,
c->vi.ubi_num, c->vi.vol_id);
- if (n == UBIFS_DFS_DIR_LEN) {
+ if (n > UBIFS_DFS_DIR_LEN) {
/* The array size is too small */
return;
}
--
2.30.2
Hello,
Am Tue, May 11, 2021 at 10:12:00AM +0300 schrieb Dan Carpenter:
> The snprintf() function returns the number of characters (not
> counting the NUL terminator) that it would have printed if we
> had space.
>
> This buffer has UBIFS_DFS_DIR_LEN characters plus one extra for
> the terminator. Printing UBIFS_DFS_DIR_LEN is okay but anything
> higher will result in truncation. Thus the comparison needs to be
> change from == to >.
>
> These strings are compile time constants so this patch doesn't
> affect runtime.
>
> Fixes: ae380ce04731 ("UBIFS: lessen the size of debugging info data structure")
> Signed-off-by: Dan Carpenter <[email protected]>
> ---
> drivers/mtd/ubi/debug.c | 2 +-
> fs/ubifs/debug.c | 2 +-
> 2 files changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/mtd/ubi/debug.c b/drivers/mtd/ubi/debug.c
> index ac2bdba8bb1a..3c0c8eca4d51 100644
> --- a/drivers/mtd/ubi/debug.c
> +++ b/drivers/mtd/ubi/debug.c
> @@ -511,7 +511,7 @@ int ubi_debugfs_init_dev(struct ubi_device *ubi)
>
> n = snprintf(d->dfs_dir_name, UBI_DFS_DIR_LEN + 1, UBI_DFS_DIR_NAME,
> ubi->ubi_num);
> - if (n == UBI_DFS_DIR_LEN) {
> + if (n > UBI_DFS_DIR_LEN) {
> /* The array size is too small */
> return -EINVAL;
> }
> diff --git a/fs/ubifs/debug.c b/fs/ubifs/debug.c
> index 1bbb9fe661b1..fc718f6178f2 100644
> --- a/fs/ubifs/debug.c
> +++ b/fs/ubifs/debug.c
> @@ -2824,7 +2824,7 @@ void dbg_debugfs_init_fs(struct ubifs_info *c)
>
> n = snprintf(d->dfs_dir_name, UBIFS_DFS_DIR_LEN + 1, UBIFS_DFS_DIR_NAME,
> c->vi.ubi_num, c->vi.vol_id);
> - if (n == UBIFS_DFS_DIR_LEN) {
> + if (n > UBIFS_DFS_DIR_LEN) {
> /* The array size is too small */
> return;
> }
Reviewed-by: Alexander Dahl <[email protected]>
Greets
Alex