Dan,

What's your opinion on below alternative patch?
In addition to yours it makes would-overflow visible.

It does not check for output buffer having non-zero size but
as callers are local with #defined buffer size I don't think that would
be needed.





Author: Bruno Prémont [off-list ref]
Date:   Wed Sep 19 21:18:10 2012 +0200
Subject: HID: picoLCD: bounds check in dump_buff_as_hex()

Make sure we keep enough space for terminating NUL character after last
newline. If we have too much data, replace last byte with '.'s to
make overflow visible.

Using hex_dump_to_buffer() is not interesting as it adds more overhead
and does not append the trailing linefeed.

Reported-by: Dan Carpenter <redacted>
Signed-off-by: Bruno Prémont <bonbons@linux-vserver.org>
---
 drivers/hid/hid-picolcd_debugfs.c |   14 ++++++++------
 1 files changed, 8 insertions(+), 6 deletions(-)

diff --git a/drivers/hid/hid-picolcd_debugfs.c b/drivers/hid/hid-picolcd_debugfs.c
index 868853a..c5c2fd9 100644
--- a/drivers/hid/hid-picolcd_debugfs.c
+++ b/drivers/hid/hid-picolcd_debugfs.c

@@ -381,16 +381,16 @@ static void dump_buff_as_hex(char *dst, size_t dst_sz, const u8 *data,
 		const size_t data_len)
 {
 	int i, j;
-	for (i = j = 0; i < data_len && j + 3 < dst_sz; i++) {
+	for (i = j = 0; i < data_len && j + 4 < dst_sz; i++) {
 		dst[j++] = hex_asc[(data[i] >> 4) & 0x0f];
 		dst[j++] = hex_asc[data[i] & 0x0f];
 		dst[j++] = ' ';
 	}
-	if (j < dst_sz) {
-		dst[j--] = '\0';
-		dst[j] = '\n';
-	} else
-		dst[j] = '\0';
+	dst[j]   = '\0';
+	if (j > 0)
+		dst[j-1] = '\n';
+	if (i < data_len && j > 2)
+		dst[j-2] = dst[j-3] = '.';
 }
 
 void picolcd_debug_out_report(struct picolcd_data *data,
--

To unsubscribe from this list: send the line "unsubscribe linux-input" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html