[PATCH] pinctrl: fix buffer size for pinctrl_generic_set_state_prefix()

This buffer has the concatenated prefix and name written into it, so it must be large enough to cover both strings plus the terminating NUL.

Fixes: 92c4a95ec7 ("pinctrl: Add new function pinctrl_generic_set_state_prefix()")
Signed-off-by: John Keeping john@metanate.com
---
drivers/pinctrl/pinctrl-generic.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/pinctrl/pinctrl-generic.c b/drivers/pinctrl/pinctrl-generic.c index ec21d4ff83..8909b57810 100644 --- a/drivers/pinctrl/pinctrl-generic.c +++ b/drivers/pinctrl/pinctrl-generic.c @@ -237,7 +237,7 @@ enum pinmux_subnode_type { static const char *alloc_name_with_prefix(const char *name, const char *prefix) { if (prefix) { - char *name_with_prefix = malloc(strlen(prefix) + sizeof("pins")); + char *name_with_prefix = malloc(strlen(prefix) + strlen(name) + 1); if (name_with_prefix) sprintf(name_with_prefix, "%s%s", prefix, name); return name_with_prefix;
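
Review bot: In alloc_name_with_prefix(), the malloc() size and the sprintf() that fills the buffer are still two separate expressions that have to be kept in agreement by hand. Consider computing the length once, for example `size_t len = strlen(prefix) + strlen(name) + 1;`, and writing with `snprintf(name_with_prefix, len, "%s%s", prefix, name)`, so that a later change to the format string cannot write past the allocation. Since the function hands back a malloc()ed buffer through a `const char *` return type, a short comment stating who frees it would also help.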

On Wednesday 07 September 2022 12:11:42 John Keeping wrote:
> This buffer has the concatenated prefix and name written into it, so it must be large enough to cover both strings plus the terminating NUL.

You are right. Not sure why I put there sizeof("pins") (maybe old version when name was only pins).

Reviewed-by: Pali Rohár pali@kernel.org

> Fixes: 92c4a95ec7 ("pinctrl: Add new function pinctrl_generic_set_state_prefix()")
> Signed-off-by: John Keeping john@metanate.com
> drivers/pinctrl/pinctrl-generic.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/pinctrl/pinctrl-generic.c b/drivers/pinctrl/pinctrl-generic.c index ec21d4ff83..8909b57810 100644 --- a/drivers/pinctrl/pinctrl-generic.c +++ b/drivers/pinctrl/pinctrl-generic.c @@ -237,7 +237,7 @@ enum pinmux_subnode_type { static const char *alloc_name_with_prefix(const char *name, const char *prefix) { if (prefix) {
char *name_with_prefix = malloc(strlen(prefix) + sizeof("pins"));
if (name_with_prefix) sprintf(name_with_prefix, "%s%s", prefix, name); return name_with_prefix;char *name_with_prefix = malloc(strlen(prefix) + strlen(name) + 1);
-- 2.37.3

On Wed, 7 Sept 2022 at 05:15, Pali Rohár pali@kernel.org wrote:
> On Wednesday 07 September 2022 12:11:42 John Keeping wrote:
> > This buffer has the concatenated prefix and name written into it, so it must be large enough to cover both strings plus the terminating NUL.
>
> You are right. Not sure why I put there sizeof("pins") (maybe old version when name was only pins).
>
> Reviewed-by: Pali Rohár pali@kernel.org
>
> > Fixes: 92c4a95ec7 ("pinctrl: Add new function pinctrl_generic_set_state_prefix()")
> > Signed-off-by: John Keeping john@metanate.com
> > drivers/pinctrl/pinctrl-generic.c | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)

Reviewed-by: Simon Glass sjg@chromium.org

On Wed, Sep 07, 2022 at 12:11:42PM +0100, John Keeping wrote:
> This buffer has the concatenated prefix and name written into it, so it must be large enough to cover both strings plus the terminating NUL.
>
> Fixes: 92c4a95ec7 ("pinctrl: Add new function pinctrl_generic_set_state_prefix()")
> Signed-off-by: John Keeping john@metanate.com
> Reviewed-by: Pali Rohár pali@kernel.org
> Reviewed-by: Simon Glass sjg@chromium.org

Applied to u-boot/master, thanks!

participants (4)
- John Keeping
- Pali Rohár
- Simon Glass
- Tom Rini