Miquel Raynal b19a4266c5 of: Fix modalias string generation ... The helper generating an OF based modalias (of_device_get_modalias()) works fine, but due to the use of snprintf() internally it needs a buffer one byte longer than what should be needed just for the entire string (excluding the '\0'). Most users of this helper are sysfs hooks providing the modalias string to users. They all provide a PAGE_SIZE buffer which is way above the number of bytes required to fit the modalias string and hence do not suffer from this issue. There is another user though, of_device_request_module(), which is only called by drivers/usb/common/ulpi.c. This request module function is faulty, but maybe because in most cases there is an alternative, ULPI driver users have not noticed it. In this function, of_device_get_modalias() is called twice. The first time without buffer just to get the number of bytes required by the modalias string (excluding the null byte), and a second time, after buffer allocation, to fill the buffer. The allocation asks for an additional byte, in order to store the trailing '\0'. However, the buffer *length* provided to of_device_get_modalias() excludes this extra byte. The internal use of snprintf() with a length that is exactly the number of bytes to be written has the effect of using the last available byte to store a '\0', which then smashes the last character of the modalias string. Provide the actual size of the buffer to of_device_get_modalias() to fix this issue. Note: the "str[size - 1] = '\0';" line is not really needed as snprintf will anyway end the string with a null byte, but there is a possibility that this function might be called on a struct device_node without compatible, in this case snprintf() would not be executed. So we keep it just to avoid possible unbounded strings. Cc: Stephen Boyd <sboyd@kernel.org> Cc: Peter Chen <peter.chen@kernel.org> Fixes: 9c829c097f ("of: device: Support loading a module with OF based modalias") Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com> Reviewed-by: Rob Herring <robh@kernel.org> Signed-off-by: Srinivas Kandagatla <srinivas.kandagatla@linaro.org> Link: https://lore.kernel.org/r/20230404172148.82422-2-srinivas.kandagatla@linaro.org Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>		2023-04-05 19:41:10 +02:00
..
unittest-data	of: unittest: add node lifecycle tests	2023-02-20 15:36:51 -06:00
address.c	Merge branches 'apple/dart', 'arm/exynos', 'arm/renesas', 'arm/smmu', 'x86/vt-d', 'x86/amd' and 'core' into next	2023-02-18 15:43:04 +01:00
base.c	of: base: use strscpy() to instead of strncpy()	2023-01-05 21:23:14 -06:00
device.c	of: Fix modalias string generation	2023-04-05 19:41:10 +02:00
dynamic.c	of: dynamic: Fix spelling mistake "kojbect" -> "kobject"	2023-02-21 10:22:04 -06:00
fdt_address.c
fdt.c	Revert "mm: kmemleak: alloc gray object for reserved region with direct map"	2023-01-31 16:44:09 -08:00
irq.c	of/irq: add missing of_node_put() for interrupt parent node	2023-01-18 11:31:42 -06:00
Kconfig	of: update kconfig unittest help	2023-02-17 15:46:20 -06:00
kexec.c	of/kexec: Fix reading 32-bit "linux,initrd-{start,end}" values	2022-12-06 14:50:36 -06:00
kobj.c	of: make of_node_ktype constant	2023-02-06 11:03:00 -06:00
Makefile	of: net: move of_net under net/	2021-10-07 13:39:51 +01:00
of_numa.c	of, numa: Fetch empty NUMA node ID from distance map	2021-10-04 13:13:44 -05:00
of_private.h	of: Fix "dma-ranges" handling for bus controllers	2022-09-30 14:35:43 -05:00
of_reserved_mem.c	Devicetree updates for v6.3:	2023-02-24 13:31:53 -08:00
overlay.c	of: overlay: Fix trivial typo	2022-12-26 16:09:29 -06:00
pdt.c	of: Remove struct device_node.type pointer	2019-01-10 16:24:44 -06:00
platform.c	Devicetree updates for v6.3:	2023-02-24 13:31:53 -08:00
property.c	Devicetree updates for v6.3:	2023-02-24 13:31:53 -08:00
resolver.c	of: overlay: log the error cause on resolver failure	2020-03-02 11:32:44 -06:00
unittest.c	of: unittest: add node lifecycle tests	2023-02-20 15:36:51 -06:00