staging: rtl8723bs: ensure cmd is large enough for %4s scanf format

char array cmd is being scanned in using a %4s scanf format
specifier and so cmd must be an array of 5 chars. Increase size
to 5 chars to ensure we don't have an overflow.

Detected with static analysis by cppcheck:

"(error) Width 4 given in format string (no. 1) is larger than
destination buffer 'cmd[4]', use %3s to prevent overflowing it."

Signed-off-by: Colin Ian King <colin.king@canonical.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

diff --git a/drivers/staging/rtl8723bs/os_dep/rtw_proc.c b/drivers/staging/rtl8723bs/os_dep/rtw_proc.c
index a2011e06d71960798e4f0ca72ce5130c0441c876..8de65e5c80d5b70a86591e1fa8d9ebacc31bc4cf 100644 (file)
--- a/drivers/staging/rtl8723bs/os_dep/rtw_proc.c
+++ b/drivers/staging/rtl8723bs/os_dep/rtw_proc.c
@@ -295,7 +295,7 @@ static ssize_t proc_set_cam(struct file *file, const char __user *buffer, size_t
        struct adapter *adapter;
 
        char tmp[32];
-       char cmd[4];
+       char cmd[5];
        u8 id;
 
        adapter = (struct adapter *)rtw_netdev_priv(dev);