s390/dasd: Use scnprintf() instead of sprintf()

Use scnprintf() instead of sprintf() for those cases where the
destination is an array and the size of the array is known at compile
time.

This prevents theoretical buffer overflows, but also avoids that people
again and again spend time to figure out if the code is actually safe.

Signed-off-by: Jan Höppner <hoeppner@linux.ibm.com>
Reviewed-by: Stefan Haberland <sth@linux.ibm.com>
Signed-off-by: Stefan Haberland <sth@linux.ibm.com>
Signed-off-by: Jens Axboe <axboe@kernel.dk>

diff --git a/drivers/s390/block/dasd_devmap.c b/drivers/s390/block/dasd_devmap.c
index ddbdf1f85d441181dcef578b8825a4163bb633ff..73972900fc5547eefeb8f3ee5e4c7afcf7b0cd19 100644 (file)
--- a/drivers/s390/block/dasd_devmap.c
+++ b/drivers/s390/block/dasd_devmap.c
@@ -355,7 +355,8 @@ static int __init dasd_parse_range(const char *range)
        /* each device in dasd= parameter should be set initially online */
        features |= DASD_FEATURE_INITIAL_ONLINE;
        while (from <= to) {
-               sprintf(bus_id, "%01x.%01x.%04x", from_id0, from_id1, from++);
+               scnprintf(bus_id, sizeof(bus_id),
+                         "%01x.%01x.%04x", from_id0, from_id1, from++);
                devmap = dasd_add_busid(bus_id, features);
                if (IS_ERR(devmap)) {
                        rc = PTR_ERR(devmap);