sysfs.c: fix an theoretical issue with snprintf()

Again, code scanners really don't like C string functions, and warn about the potential for a buffer to possibly be too big for a snprintf() call as the checking wasn't quite correct. Fix the check for a buffer overflow up better and handle any potential issues that checking tools could come up with. No real functional change as the sysfs path should be just fine. And really, this is all just userspace code... Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2024-11-23 02:43:52 +08:00 · 2024-10-22 11:17:18 +02:00 · 2024-10-22 11:17:18 +02:00 · 59f1fe166f
commit 59f1fe166f
parent bb1e4b7dce
1 changed files with 6 additions and 2 deletions
--- a/sysfs.c
+++ b/sysfs.c
@ -44,8 +44,12 @@ int get_sysfs_name(char *buf, size_t size, libusb_device *dev)
 	}

 	len += snprintf(buf, size, "%d-", bnum);
-	for (int i = 0; i < num_pnums; i++)
-		len += snprintf(buf + len, size - len, i ? ".%d" : "%d", pnums[i]);
+	for (int i = 0; i < num_pnums; i++) {
+		int n = snprintf(buf + len, size - len, i ? ".%d" : "%d", pnums[i]);
+		if ((n < 0) || (n >= (int)(size - len)))
+			break;
+		len += n;
+	}

 	return len;
 }