block: aoe: Use scnprintf() for avoiding potential buffer overflow

Since snprintf() returns the would-be-output size instead of the
actual output size, the succeeding calls may go beyond the given
buffer limit.  Fix it by replacing with scnprintf().

Signed-off-by: Takashi Iwai <tiwai@suse.de>
Signed-off-by: Jens Axboe <axboe@kernel.dk>

diff --git a/drivers/block/aoe/aoeblk.c b/drivers/block/aoe/aoeblk.c
index 7b32fb6733758f4f3dbfc40fcabb04321ccd0545..a27804d71e122970af4f99be85e4d2850e3782e8 100644 (file)
--- a/drivers/block/aoe/aoeblk.c
+++ b/drivers/block/aoe/aoeblk.c
@@ -87,9 +87,9 @@ static ssize_t aoedisk_show_netif(struct device *dev,
        if (*nd == NULL)
                return snprintf(page, PAGE_SIZE, "none\n");
        for (p = page; nd < ne; nd++)
-               p += snprintf(p, PAGE_SIZE - (p-page), "%s%s",
+               p += scnprintf(p, PAGE_SIZE - (p-page), "%s%s",
                        p == page ? "" : ",", (*nd)->name);
-       p += snprintf(p, PAGE_SIZE - (p-page), "\n");
+       p += scnprintf(p, PAGE_SIZE - (p-page), "\n");
        return p-page;
 }
 /* firmware version */