Received: by 2002:a05:7412:8d10:b0:f3:1519:9f41 with SMTP id bj16csp5441746rdb;
        Wed, 13 Dec 2023 08:44:14 -0800 (PST)
X-Google-Smtp-Source: AGHT+IFirxH6BJd5xBSNTR+gXxLlMBVfy4Ds1k9dZ7m19LytCxHFsAwaLY6so+se4p3GvXtJxiA+
X-Received: by 2002:a05:6e02:33a1:b0:35d:59a2:be4 with SMTP id bn33-20020a056e0233a100b0035d59a20be4mr7990854ilb.122.1702485854355;
        Wed, 13 Dec 2023 08:44:14 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1702485854; cv=none;
        d=google.com; s=arc-20160816;
        b=K3KKq8D4aeKOmwlppRoFONtvqJdF1P0f7a0efW9kU45nbon23lu8ixRWKjAMhpdRo2
         NMiNPDRlPwKaOdnIOlv+FRJFHA983Dq4rGpmz95vFC2bl3+13v0ymbtTAP7CBSv8JdUZ
         IdP/Op+2icvyl916oY9xxVYwdZ4DIUW1hnLd2IawVFBqj4ZLV4OvLJx6WNZ1ajzW5z6I
         Rg4l9eqKibN3p/CBdaPFqpAM2apjITWu0hXmNcziaLEaJ9tZw8Ly0KMUWzm28aLn95Ur
         Z+9wG0qKrYk0154ZRV88ZehxsiHwSskiVDjBKtFbiBOMlsRHQo52e78zeaI7X2DBWF0J
         snsw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from
         :dkim-signature;
        bh=xx/uTVVWyY5mN5ilSa8XPZe+l77vPBs4g4uKRly+Zm4=;
        fh=FjQ41B97MbMv+sjH85/Gs82J1S6Q/Mx4/iITrJxwKN8=;
        b=r0SVVvJfIb4TDjoROQye3dtlstNP2cP8qNpfc54ptOz6a3o2ZUzXApOWfivVQa02vR
         kDE5JHfh/IAi6fj84OhhUeKvj/t2qroL7oE8upO9JkQjZkfevtBN+5VkMXfsFwc+COph
         0z4Xw1B8DcWkJT/8tWDPtf5e8aQpIKGwcGgqo0HBx2SVLKSNbXrd7iAIQeI5AIZV1VbM
         iDZo1sXz0RBqPG8CcddRsb8ZmXyuu/tIgwq5C8NQ5QZ0GdHor5mCeeSG1zfPbU+CvVH0
         K9ilFMMFWJTGbCt4/UUA2J2c/9LjRdrT+E2duTA88RG7NC0bO2nXbNngFiVYKjfXIBBW
         q/iw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b="Plg/RkoE";
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.34 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from howler.vger.email (howler.vger.email. [23.128.96.34])
        by mx.google.com with ESMTPS id n9-20020a654509000000b005be3117805esi9778193pgq.327.2023.12.13.08.44.13
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Wed, 13 Dec 2023 08:44:14 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.34 as permitted sender) client-ip=23.128.96.34;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b="Plg/RkoE";
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.34 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0])
	by howler.vger.email (Postfix) with ESMTP id AA33A828FAC1;
	Wed, 13 Dec 2023 08:44:05 -0800 (PST)
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.103.11 at howler.vger.email
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1379397AbjLMQnb (ORCPT
        <rfc822;aditya.jainadityajain.jain@gmail.com> + 99 others);
        Wed, 13 Dec 2023 11:43:31 -0500
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55946 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S235406AbjLMQnI (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 13 Dec 2023 11:43:08 -0500
Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id DEA8A10C
        for <linux-kernel@vger.kernel.org>; Wed, 13 Dec 2023 08:43:14 -0800 (PST)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id 8150DC433C9;
        Wed, 13 Dec 2023 16:43:13 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
        s=k20201202; t=1702485794;
        bh=+jJ0AZEvag610YYMeIA2DZY9vRhnQ1MUWo6qd+Qzkcs=;
        h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
        b=Plg/RkoEgxcb5oLFgT/r2pbwVa+OiOKfDqeFr23Y4XhEqyZ5uVBDN++Xkp9njtYA/
         e/ZmXCZgAUTOyvm1+MRDRVjk/Goo8EXcyPKp/Z5Jq6vkTd7Z0kpFegYh/Cr9+MFWQC
         ExHTW5hlY3r+qo8ZKQSDl3P2AIFZRW2roFNhvsQBR8o6zm7rZPMr8nRhSijOrPYRQB
         jum+fusgZZy+M4y8zPPL3U6Btq5SJH2c8BRlGS5oiDRK4vX1rVhGb5qPcu+A+1FypL
         eGsgpAVmBSsoR8RBqoGoAYvcP7xcmaFTF+SCgp92suHe8vT62kPWYfSnmce8dWivHj
         6fNgbUfjI7k1Q==
From:   Lee Jones <lee@kernel.org>
To:     lee@kernel.org, gregkh@linuxfoundation.org
Cc:     linux-kernel@vger.kernel.org, linux-usb@vger.kernel.org
Subject: [PATCH 09/12] usb: mon_stat: Replace snprintf() with the safer scnprintf() variant
Date:   Wed, 13 Dec 2023 16:42:38 +0000
Message-ID: <20231213164246.1021885-10-lee@kernel.org>
X-Mailer: git-send-email 2.43.0.472.g3155946c3a-goog
In-Reply-To: <20231213164246.1021885-1-lee@kernel.org>
References: <20231213164246.1021885-1-lee@kernel.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=-1.2 required=5.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI,
	SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=unavailable
	autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on howler.vger.email
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (howler.vger.email [0.0.0.0]); Wed, 13 Dec 2023 08:44:06 -0800 (PST)

There is a general misunderstanding amongst engineers that {v}snprintf()
returns the length of the data *actually* encoded into the destination
array.  However, as per the C99 standard {v}snprintf() really returns
the length of the data that *would have been* written if there were
enough space for it.  This misunderstanding has led to buffer-overruns
in the past.  It's generally considered safer to use the {v}scnprintf()
variants in their place (or even sprintf() in simple cases).  So let's
do that.

Link: https://lwn.net/Articles/69419/
Link: https://github.com/KSPP/linux/issues/105
Signed-off-by: Lee Jones <lee@kernel.org>
---
 drivers/usb/mon/mon_stat.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/drivers/usb/mon/mon_stat.c b/drivers/usb/mon/mon_stat.c
index 98ab0cc473d67..3c23805ab1a44 100644
--- a/drivers/usb/mon/mon_stat.c
+++ b/drivers/usb/mon/mon_stat.c
@@ -35,9 +35,9 @@ static int mon_stat_open(struct inode *inode, struct file *file)
 
 	mbus = inode->i_private;
 
-	sp->slen = snprintf(sp->str, STAT_BUF_SIZE,
-	    "nreaders %d events %u text_lost %u\n",
-	    mbus->nreaders, mbus->cnt_events, mbus->cnt_text_lost);
+	sp->slen = scnprintf(sp->str, STAT_BUF_SIZE,
+			     "nreaders %d events %u text_lost %u\n",
+			     mbus->nreaders, mbus->cnt_events, mbus->cnt_text_lost);
 
 	file->private_data = sp;
 	return 0;
-- 
2.43.0.472.g3155946c3a-goog