Replace sprintf() with snprintf() when formatting debug names to prevent potential buffer overflow. The debug_name buffer is 16 bytes, and while unlikely to overflow with current PIDs, using snprintf() provides proper bounds checking. Signed-off-by: Josephine Pfeiffer --- arch/s390/kvm/kvm-s390.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/s390/kvm/kvm-s390.c b/arch/s390/kvm/kvm-s390.c index 6d51aa5f66be..005c117be086 100644 --- a/arch/s390/kvm/kvm-s390.c +++ b/arch/s390/kvm/kvm-s390.c @@ -3371,7 +3371,7 @@ int kvm_arch_init_vm(struct kvm *kvm, unsigned long type) ((char *) kvm->arch.sca + sca_offset); mutex_unlock(&kvm_lock); - sprintf(debug_name, "kvm-%u", current->pid); + snprintf(debug_name, sizeof(debug_name), "kvm-%u", current->pid); kvm->arch.dbf = debug_register(debug_name, 32, 1, 7 * sizeof(long)); if (!kvm->arch.dbf) -- 2.51.0
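Review bot: On the added snprintf() line, sizeof(debug_name) yields the buffer size only if debug_name is declared as a char array in kvm_arch_init_vm(). The declaration is outside the visible context, so please confirm it is an array and not a pointer, or the bound would be the pointer size. The commit message could also spell out the arithmetic: "kvm-" plus at most 10 decimal digits for a 32-bit %u plus the terminating NUL is 15 bytes, which fits the stated 16-byte buffer. That makes this a hardening change rather than a fix for a reachable overflow, and the subject and description should say so. The snprintf() return value is ignored, so a truncated name would be passed silently to debug_register(). That is acceptable given the bound above, but a short comment would help if the format string is ever extended.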