Eric Lai has submitted this change. ( https://review.coreboot.org/c/coreboot/+/75733?usp=email )

(

1 is the latest approved patch-set. No files were changed between the latest approved patch-set and the submitted one. )Change subject: drivers/wwan/fm: Fix format string vulnerability with snprintf ......................................................................

drivers/wwan/fm: Fix format string vulnerability with snprintf

This fixes format string vulnerability issues with snprintf statement found by klocwork scan.

Foundby=klocwork BUG=NONE TEST=Boot to OS on Meteor Lake rex platform and run klocwork scan. Check related ACPI tables and modem driver behavior after changes.

Signed-off-by: Jamie Ryu jamie.m.ryu@intel.com Change-Id: Ia6b7d70c0b2b86d0918e58348dccd206a7ee9193 Reviewed-on: https://review.coreboot.org/c/coreboot/+/75733 Reviewed-by: Kapil Porwal kapilporwal@google.com Reviewed-by: Subrata Banik subratabanik@google.com Reviewed-by: Cliff Huang cliff.huang@intel.com Reviewed-by: Eric Lai eric_lai@quanta.corp-partner.google.com Tested-by: build bot (Jenkins) no-reply@coreboot.org --- M src/drivers/wwan/fm/acpi_fm350gl.c 1 file changed, 8 insertions(+), 8 deletions(-)

Approvals: Kapil Porwal: Looks good to me, approved build bot (Jenkins): Verified Subrata Banik: Looks good to me, approved Eric Lai: Looks good to me, approved Cliff Huang: Looks good to me, but someone else must approve

diff --git a/src/drivers/wwan/fm/acpi_fm350gl.c b/src/drivers/wwan/fm/acpi_fm350gl.c index 46f8ecb..139fd15 100644 --- a/src/drivers/wwan/fm/acpi_fm350gl.c +++ b/src/drivers/wwan/fm/acpi_fm350gl.c @@ -62,8 +62,8 @@

rtd3_config = config_of(config->rtd3dev); if (rtd3_config->use_rp_mutex) { - snprintf(mutex_path, sizeof(mutex_path), acpi_device_path_join(parent_dev, - RP_MUTEX_NAME)); + snprintf(mutex_path, sizeof(mutex_path), "%s", + acpi_device_path_join(parent_dev, RP_MUTEX_NAME)); /* Acquire root port mutex in case FHRF is called directly and not called from _RST */ acpigen_write_acquire(mutex_path, ACPI_MUTEX_NO_TIMEOUT); } @@ -129,8 +129,8 @@

rtd3_config = config_of(config->rtd3dev); if (rtd3_config->use_rp_mutex) { - snprintf(mutex_path, sizeof(mutex_path), acpi_device_path_join(parent_dev, - RP_MUTEX_NAME)); + snprintf(mutex_path, sizeof(mutex_path), "%s", + acpi_device_path_join(parent_dev, RP_MUTEX_NAME)); /* Acquire root port mutex */ acpigen_write_acquire(mutex_path, ACPI_MUTEX_NO_TIMEOUT); } @@ -184,8 +184,8 @@

rtd3_config = config_of(config->rtd3dev); if (rtd3_config->use_rp_mutex) { - snprintf(mutex_path, sizeof(mutex_path), acpi_device_path_join(parent_dev, - RP_MUTEX_NAME)); + snprintf(mutex_path, sizeof(mutex_path), "%s", + acpi_device_path_join(parent_dev, RP_MUTEX_NAME)); /* Acquire root port mutex */ acpigen_write_acquire(mutex_path, ACPI_MUTEX_NO_TIMEOUT); } @@ -219,8 +219,8 @@

rtd3_config = config_of(config->rtd3dev); if (rtd3_config->use_rp_mutex) { - snprintf(mutex_path, sizeof(mutex_path), acpi_device_path_join(parent_dev, - RP_MUTEX_NAME)); + snprintf(mutex_path, sizeof(mutex_path), "%s", + acpi_device_path_join(parent_dev, RP_MUTEX_NAME)); /* Acquire root port mutex */ acpigen_write_acquire(mutex_path, ACPI_MUTEX_NO_TIMEOUT); }