[SCSI] esas2r: fix potential format string flaw

This makes sure format strings cannot leak into the printk call via the
constructed buffer.

Signed-off-by: Kees Cook <keescook@chromium.org>
Acked-by: Bradley Grove <bgrove@attotech.com>
Signed-off-by: James Bottomley <JBottomley@Parallels.com>

diff --git a/drivers/scsi/esas2r/esas2r_log.c b/drivers/scsi/esas2r/esas2r_log.c
index 9bf285d..a82030a 100644 (file)
--- a/drivers/scsi/esas2r/esas2r_log.c
+++ b/drivers/scsi/esas2r/esas2r_log.c
@@ -165,13 +165,9 @@ static int esas2r_log_master(const long level,
 
                /*
                 * Put a line break at the end of the formatted string so that
-                * we don't wind up with run-on messages.  only append if there
-                * is enough space in the buffer.
+                * we don't wind up with run-on messages.
                 */
-               if (strlen(event_buffer) < buflen)
-                       strcat(buffer, "\n");
-
-               printk(event_buffer);
+               printk("%s\n", event_buffer);
 
                spin_unlock_irqrestore(&event_buffer_lock, flags);
        }