git.openpandora.org / pandora-kernel.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 392c6ff)
staging: cxt1e1: buffer overflow in do_del_chan()
authorDan Carpenter <dan.carpenter@oracle.com>
Thu, 24 Jan 2013 06:41:43 +0000 (09:41 +0300)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Fri, 25 Jan 2013 19:21:26 +0000 (11:21 -0800)
If we don't restrict "cp.channum" to 3 digits then the sprintf() will
overflow.  I've added a check and changed the sprintf() to snprintf().

Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

No differences found
Pandora Kernel Repository