As commit a86028f8e3ee ("staging: most: sound: replace snprintf
with strscpy") suggested, using snprintf without a format
specifier is potentially risky if the PROMPT environment
variable contains any format specifier. The variable can be set
via kdb_set() though by default it contains no format specifier.
Using strscpy is conservatively safe for any mistakenly
environment variable setting that leads to crash.
Signed-off-by: Wang Xiayang <xywang.s...@sjtu.edu.cn>
---
kernel/debug/kdb/kdb_main.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/kernel/debug/kdb/kdb_main.c b/kernel/debug/kdb/kdb_main.c
index 9ecfa37c7fbf..4514c70fae09 100644
--- a/kernel/debug/kdb/kdb_main.c
+++ b/kernel/debug/kdb/kdb_main.c
@@ -1303,7 +1303,7 @@ static int kdb_local(kdb_reason_t reason, int error,
struct pt_regs *regs,
snprintf(kdb_prompt_str, CMD_BUFLEN, kdbgetenv("PROMPT"),
raw_smp_processor_id());
#else
- snprintf(kdb_prompt_str, CMD_BUFLEN, kdbgetenv("PROMPT"));
+ strscpy(kdb_prompt_str, kdbgetenv("PROMPT"), CMD_BUFLEN);
#endif
if (defcmd_in_progress)
strncat(kdb_prompt_str, "[defcmd]", CMD_BUFLEN);
--
2.11.0
_______________________________________________
Kgdb-bugreport mailing list
Kgdb-bugreport@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/kgdb-bugreport
