From patchwork Tue Jul 18 11:48:09 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arnd Bergmann X-Patchwork-Id: 9848143 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 396BB60392 for ; Tue, 18 Jul 2017 11:51:22 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 2634228497 for ; Tue, 18 Jul 2017 11:51:22 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 1B11928553; Tue, 18 Jul 2017 11:51:22 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-1.4 required=2.0 tests=BAYES_00, RCVD_IN_DNSWL_NONE, RCVD_IN_SORBS_SPAM autolearn=no version=3.3.1 Received: from alsa0.perex.cz (alsa0.perex.cz [77.48.224.243]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 62E6728497 for ; Tue, 18 Jul 2017 11:51:21 +0000 (UTC) Received: from alsa0.perex.cz (localhost [127.0.0.1]) by alsa0.perex.cz (Postfix) with ESMTP id 19DDD2664EB; Tue, 18 Jul 2017 13:51:20 +0200 (CEST) X-Original-To: alsa-devel@alsa-project.org Delivered-To: alsa-devel@alsa-project.org Received: by alsa0.perex.cz (Postfix, from userid 1000) id 91EA426718D; Tue, 18 Jul 2017 13:51:18 +0200 (CEST) Received: from mout.kundenserver.de (mout.kundenserver.de [212.227.126.187]) by alsa0.perex.cz (Postfix) with ESMTP id 6EDF626717C for ; Tue, 18 Jul 2017 13:51:14 +0200 (CEST) Received: from wuerfel.lan ([5.56.224.194]) by mrelayeu.kundenserver.de (mreue005 [212.227.15.129]) with ESMTPA (Nemesis) id 0MVHmU-1d8ZWo2UXO-00Yhzg; Tue, 18 Jul 2017 13:50:08 +0200 From: Arnd Bergmann To: Jaroslav Kysela , Takashi Iwai , Arnd Bergmann Date: Tue, 18 Jul 2017 13:48:09 +0200 Message-Id: <20170718114820.3681255-6-arnd@arndb.de> X-Mailer: git-send-email 2.9.0 In-Reply-To: <20170718114820.3681255-1-arnd@arndb.de> References: <20170718114820.3681255-1-arnd@arndb.de> X-Provags-ID: V03:K0:NZ2Hyejxtia8lQ60BdW5UE7ODAO/4DHMyW5zvhsQqT2TIKTU7Rk qusLIj/5aS5/2dnWCN8Itx03xr2UUnLL9hE0TnwsYMplFqAE6XTDZHsjp+b7FvF45gF7ghX Xc7NgQahZTj6Krt1p7pTfHPJzr3tsiFGlXm7kUy+Ad8Zzeh2Ns/H3VybpEYTXGFeqKbheEn P1iL+7lGDgwDtesOcwEHw== X-UI-Out-Filterresults: notjunk:1; V01:K0:+ovodo93ikA=:DZ5ksv8Okr+TxARqaDdfCx YACbuxlWJ7tZcuKh+wzo3qdOTQ+aosOhyGNE8oASkj2H/W/+xcfXj3KqSJf0Sh8GJJbvX1rcn GmJrSU+lSlWY2jeq6xJYVTgMhSbJmp4r/T0vKj4LrDkz1rH2DZMuC2k4Rla1HfKOY5WjGtOd1 JcR0zZqdjTcO5KDwDy5ujlceR5Wc6nInSaQcwmxxQGKuK1c88Ko0+bFyRCGY6eMS49inUor5q ACekTd80j9TcARuNRyXdy/urt+/c1hIGpBfwj3sutaYgjJnOm78No1U94kiQchUfQv7R7uYaB 74RoaPk5n6Do5Ut06iB+HnQGkLTTNsX4Jf8fHgu/lNgyyo3T0aychDKEleTBw2i3PQEpmXl4e 2JyERjvVpVdcX9rGl1Kt3APUYGgv0Hg3zG2P9ZeuZar99TimDzoQ/n6do4kDWmz3nATC7tCCf EkXLdbK2izz7eoRlMKihgWPbZnXGVpYVAwKfuJhM8DF3nRVAj5n7MaLTDEDE8Z24C++6ivRtM f49mXoZTyfk6/jL6hMb1bbJrf7N7nJu/HzDz49QmDLN0mSC+KyY6Shzp3BhuRh4L946fcN76x pVu0vm0xiMz3/CmzNvsLAD3LoNycZO60oNWZPEtlAMQDmg06Z4tZ7Tx2dNjTs/25pC1KlUQzr oaZK4ZAsAtMcfN5tIJuBAUNSuH/h3gOZRa5v0r+c+xMFHSvsuXyoSBTWsSIrqJxuVIJILvr6o pZiS89Kc1Ch/mpAcukLlRZ4H9i3CDEdaSvRMhw== Cc: Julia Lawall , Colin Ian King , alsa-devel@alsa-project.org, linux-kernel@vger.kernel.org, Takashi Sakamoto Subject: [alsa-devel] [PATCH v2 6/7] ALSA: rme9652: fix format overflow warnings X-BeenThere: alsa-devel@alsa-project.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Alsa-devel mailing list for ALSA developers - http://www.alsa-project.org" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: alsa-devel-bounces@alsa-project.org Sender: alsa-devel-bounces@alsa-project.org X-Virus-Scanned: ClamAV using ClamSMTP gcc-7 warns about a possible sprintf format string overflow with a temporary buffer that is used to print from another buffer of the same size: sound/pci/rme9652/hdspm.c: In function 'snd_hdspm_create_alsa_devices': sound/pci/rme9652/hdspm.c:2123:17: error: ' MIDIoverMADI' directive writing 13 bytes into a region of size between 1 and 32 [-Werror=format-overflow=] This extends the temporary buffer to twice the size, and changes the code to use the safer snprintf() across the entire file. The longer buffer is still necessary to avoid a format-truncation warning. Signed-off-by: Arnd Bergmann --- sound/pci/rme9652/hdspm.c | 48 +++++++++++++++++++++++++++-------------------- 1 file changed, 28 insertions(+), 20 deletions(-) diff --git a/sound/pci/rme9652/hdspm.c b/sound/pci/rme9652/hdspm.c index 254c3d040118..2a3a916e5d15 100644 --- a/sound/pci/rme9652/hdspm.c +++ b/sound/pci/rme9652/hdspm.c @@ -2061,7 +2061,7 @@ static int snd_hdspm_create_midi(struct snd_card *card, struct hdspm *hdspm, int id) { int err; - char buf[32]; + char buf[64]; hdspm->midi[id].id = id; hdspm->midi[id].hdspm = hdspm; @@ -2120,19 +2120,23 @@ static int snd_hdspm_create_midi(struct snd_card *card, if ((id < 2) || ((2 == id) && ((MADI == hdspm->io_type) || (MADIface == hdspm->io_type)))) { if ((id == 0) && (MADIface == hdspm->io_type)) { - sprintf(buf, "%s MIDIoverMADI", card->shortname); + snprintf(buf, sizeof(buf), "%s MIDIoverMADI", + card->shortname); } else if ((id == 2) && (MADI == hdspm->io_type)) { - sprintf(buf, "%s MIDIoverMADI", card->shortname); + snprintf(buf, sizeof(buf), "%s MIDIoverMADI", + card->shortname); } else { - sprintf(buf, "%s MIDI %d", card->shortname, id+1); + snprintf(buf, sizeof(buf), "%s MIDI %d", + card->shortname, id+1); } err = snd_rawmidi_new(card, buf, id, 1, 1, &hdspm->midi[id].rmidi); if (err < 0) return err; - sprintf(hdspm->midi[id].rmidi->name, "%s MIDI %d", - card->id, id+1); + snprintf(hdspm->midi[id].rmidi->name, + sizeof(hdspm->midi[id].rmidi->name), + "%s MIDI %d", card->id, id+1); hdspm->midi[id].rmidi->private_data = &hdspm->midi[id]; snd_rawmidi_set_ops(hdspm->midi[id].rmidi, @@ -2148,14 +2152,16 @@ static int snd_hdspm_create_midi(struct snd_card *card, SNDRV_RAWMIDI_INFO_DUPLEX; } else { /* TCO MTC, read only */ - sprintf(buf, "%s MTC %d", card->shortname, id+1); + snprintf(buf, sizeof(buf), "%s MTC %d", + card->shortname, id+1); err = snd_rawmidi_new(card, buf, id, 1, 1, &hdspm->midi[id].rmidi); if (err < 0) return err; - sprintf(hdspm->midi[id].rmidi->name, - "%s MTC %d", card->id, id+1); + snprintf(hdspm->midi[id].rmidi->name, + sizeof(hdspm->midi[id].rmidi->name), + "%s MTC %d", card->id, id+1); hdspm->midi[id].rmidi->private_data = &hdspm->midi[id]; snd_rawmidi_set_ops(hdspm->midi[id].rmidi, @@ -6869,7 +6875,8 @@ static int snd_hdspm_create(struct snd_card *card, * when running with multiple cards. */ if (NULL == id[hdspm->dev] && hdspm->serial != 0xFFFFFF) { - sprintf(card->id, "HDSPMx%06x", hdspm->serial); + snprintf(card->id, sizeof(card->id), + "HDSPMx%06x", hdspm->serial); snd_card_set_id(card, card->id); } } @@ -6954,17 +6961,18 @@ static int snd_hdspm_probe(struct pci_dev *pci, } if (hdspm->io_type != MADIface) { - sprintf(card->shortname, "%s_%x", - hdspm->card_name, - hdspm->serial); - sprintf(card->longname, "%s S/N 0x%x at 0x%lx, irq %d", - hdspm->card_name, - hdspm->serial, - hdspm->port, hdspm->irq); + snprintf(card->shortname, sizeof(card->shortname), "%s_%x", + hdspm->card_name, hdspm->serial); + snprintf(card->longname, sizeof(card->longname), + "%s S/N 0x%x at 0x%lx, irq %d", + hdspm->card_name, hdspm->serial, + hdspm->port, hdspm->irq); } else { - sprintf(card->shortname, "%s", hdspm->card_name); - sprintf(card->longname, "%s at 0x%lx, irq %d", - hdspm->card_name, hdspm->port, hdspm->irq); + snprintf(card->shortname, sizeof(card->shortname), "%s", + hdspm->card_name); + snprintf(card->longname, sizeof(card->longname), + "%s at 0x%lx, irq %d", + hdspm->card_name, hdspm->port, hdspm->irq); } err = snd_card_register(card);