From 0606ffe26d6d7478fb5957cbc8b9cbbf14a7c68c Mon Sep 17 00:00:00 2001 From: Arnd Bergmann Date: Fri, 14 Jul 2017 14:06:57 +0200 Subject: [PATCH] scsi: gdth: avoid buffer overflow warning gcc notices that we would overflow the buffer for the inquiry of the product name if we have too many adapters: drivers/scsi/gdth.c: In function 'gdth_next': drivers/scsi/gdth.c:2357:29: warning: 'sprintf' may write a terminating nul past the end of the destination [-Wformat-overflow=] sprintf(inq.product,"Host Drive #%02d",t); ^~~~~~~~~~~~~~~~~~~ drivers/scsi/gdth.c:2357:9: note: 'sprintf' output between 16 and 17 bytes into a destination of size 16 sprintf(inq.product,"Host Drive #%02d",t); This won't happen in practice, so just use snprintf to truncate the string. Signed-off-by: Arnd Bergmann Signed-off-by: Martin K. Petersen --- drivers/scsi/gdth.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/scsi/gdth.c b/drivers/scsi/gdth.c index facc7271f932..a4473356a9dc 100644 --- a/drivers/scsi/gdth.c +++ b/drivers/scsi/gdth.c @@ -2354,7 +2354,7 @@ static int gdth_internal_cache_cmd(gdth_ha_str *ha, Scsi_Cmnd *scp) inq.resp_aenc = 2; inq.add_length= 32; strcpy(inq.vendor,ha->oem_name); - sprintf(inq.product,"Host Drive #%02d",t); + snprintf(inq.product, sizeof(inq.product), "Host Drive #%02d",t); strcpy(inq.revision," "); gdth_copy_internal_data(ha, scp, (char*)&inq, sizeof(gdth_inq_data)); break;