At Sat, 05 Jul 2014 13:02:02 -0700, Joe Perches wrote:
print_nid_path has a possible buffer overflow if struct nid_path.path values are > 256.
Avoid this and neaten the output to remove the leading ':'
Neaten debug_badness to always verify arguments.
Signed-off-by: Joe Perches joe@perches.com
Thanks, applied.
Although the overflow would never happen in practice (the id can't be over 8 bit from the definition in the HD-audio controller side), it's still better to have a proper check.
Takashi
sound/pci/hda/hda_generic.c | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-)
diff --git a/sound/pci/hda/hda_generic.c b/sound/pci/hda/hda_generic.c index 589e47c..b293583 100644 --- a/sound/pci/hda/hda_generic.c +++ b/sound/pci/hda/hda_generic.c @@ -350,16 +350,16 @@ static void print_nid_path(struct hda_codec *codec, const char *pfx, struct nid_path *path) { char buf[40];
char *pos = buf; int i;
*pos = 0;
for (i = 0; i < path->depth; i++)
pos += scnprintf(pos, sizeof(buf) - (pos - buf), "%s%02x",
pos != buf ? ":" : "",
path->path[i]);
- buf[0] = 0;
- for (i = 0; i < path->depth; i++) {
char tmp[4];
sprintf(tmp, ":%02x", path->path[i]);
strlcat(buf, tmp, sizeof(buf));
- }
- codec_dbg(codec, "%s path: depth=%d %s\n", pfx, path->depth, buf);
- codec_dbg(codec, "%s path: depth=%d '%s'\n", pfx, path->depth, buf);
}
/* called recursively */ @@ -1700,9 +1700,11 @@ static int fill_and_eval_dacs(struct hda_codec *codec, #define DEBUG_BADNESS
#ifdef DEBUG_BADNESS -#define debug_badness(fmt, args...) codec_dbg(codec, fmt, ##args) +#define debug_badness(fmt, ...) \
- codec_dbg(codec, fmt, ##__VA_ARGS__)
#else -#define debug_badness(...) +#define debug_badness(fmt, ...) \
- do { if (0) codec_dbg(codec, fmt, ##__VA_ARGS__); } while (0)
#endif
#ifdef DEBUG_BADNESS