commit | 96a8d14e875a017f9e9e71d93433414e9fb8863f | [log] [tgz] |
---|---|---|
author | Dan Carpenter <dan.carpenter@oracle.com> | Thu Jan 24 09:41:43 2013 +0300 |
committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | Fri Jan 25 11:21:26 2013 -0800 |
tree | 80e1968fc8318243921c35be0cf6324f4fa01e9f | |
parent | 392c6ff87f568d573239b763855160d1f06114de [diff] |
staging: cxt1e1: buffer overflow in do_del_chan() If we don't restrict "cp.channum" to 3 digits then the sprintf() will overflow. I've added a check and changed the sprintf() to snprintf(). Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>