summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDan Carpenter <error27@gmail.com>2010-07-25 21:23:59 +0000
committerDavid S. Miller <davem@davemloft.net>2010-07-26 21:05:03 -0700
commit7b7b0b90592a023ac8946b29cca871bf17741fab (patch)
tree72637e6bd28dcff682a0b02a0112102523ff4b22
parent652c6717465dbd0091dbe04ed9be2f7e59c03c7d (diff)
caif: handle snprintf() return
snprintf() returns the number of bytes that would have been written. It can be larger than the size of the buffer. The current code won't overflow, but people cut and paste this stuff so lets do it right and also make the static checkers happy. Signed-off-by: Dan Carpenter <error27@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r--drivers/net/caif/caif_spi.c3
1 files changed, 3 insertions, 0 deletions
diff --git a/drivers/net/caif/caif_spi.c b/drivers/net/caif/caif_spi.c
index 6c948037fc78..f5058ff2b210 100644
--- a/drivers/net/caif/caif_spi.c
+++ b/drivers/net/caif/caif_spi.c
@@ -165,6 +165,9 @@ static ssize_t dbgfs_state(struct file *file, char __user *user_buf,
len += snprintf((buf + len), (DEBUGFS_BUF_SIZE - len),
"Next RX len: %d\n", cfspi->rx_npck_len);
+ if (len > DEBUGFS_BUF_SIZE)
+ len = DEBUGFS_BUF_SIZE;
+
size = simple_read_from_buffer(user_buf, count, ppos, buf, len);
kfree(buf);