首頁 探索 說明
註冊 登入
PUBLIC_REPOS
/
buildroot
镜像来自 git://git.buildroot.net/buildroot
2
1
複刻 0
Files
目錄樹: ab97b0e954
分支列表 標籤列表
buildroot
/
package
/
rtl8821au
/
0003-Fix-using-sprintf-for-extending-string-which-causes-.patch

0003-Fix-using-sprintf-for-extending-string-which-causes-.patch 13 KB
文件歷史 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339 
  1. From 5b6641978e8fa68bca05d224a61f8513b010eda8 Mon Sep 17 00:00:00 2001
    2. 

  2. From: Coleman <omegacoleman@gmail.com>
    3. 

  3. Date: Fri, 17 Jul 2020 08:53:00 +0800
    4. 

  4. Subject: [PATCH] Fix using sprintf for extending string, which causes
    5. 

  5.  undefined behavior
    6. 

  6. 

  7. [Upstream: https://github.com/abperiasamy/rtl8812AU_8821AU_linux/commit/be57045a0933d64e958878696883e9cf998e1bf3.patch]
    8. 

  8. Signed-off-by: Coleman <omegacoleman@gmail.com>
    9. 

  9. Signed-off-by: Christian Stewart <christian@paral.in>
    10. 

  10. ---
    11. 

  11.  core/rtw_mp.c              |   2 +-
    12. 

  12.  os_dep/linux/ioctl_linux.c | 108 ++++++++++++++++++-------------------
    13. 

  13.  2 files changed, 55 insertions(+), 55 deletions(-)
    14. 

  14. 

  15. diff --git a/core/rtw_mp.c b/core/rtw_mp.c
    16. 

  16. index c2e400d..989bb3e 100644
    17. 

  17. --- a/core/rtw_mp.c
    18. 

  18. +++ b/core/rtw_mp.c
    19. 

  19. @@ -1871,7 +1871,7 @@ u32 mp_query_psd(PADAPTER pAdapter, u8 *data)
    20. 

  20.  		} else {
    21. 

  21.  			psd_data = rtw_GetPSDData(pAdapter, i);
    22. 

  22.  		}
    23. 

  23. -		sprintf(data, "%s%x ", data, psd_data);
    24. 

  24. +		sprintf(data + strlen(data), "%x ", psd_data);
    25. 

  25.  		i++;
    26. 

  26.  	}
    27. 

  27.  
    28. 

  28. diff --git a/os_dep/linux/ioctl_linux.c b/os_dep/linux/ioctl_linux.c
    29. 

  29. index c74a153..9543fa3 100644
    30. 

  30. --- a/os_dep/linux/ioctl_linux.c
    31. 

  31. +++ b/os_dep/linux/ioctl_linux.c
    32. 

  32. @@ -9080,19 +9080,19 @@ static int rtw_mp_efuse_get(struct net_device *dev,
    33. 

  33.  		sprintf(extra, "\n");
    34. 

  34.  		for (i = 0; i < EFUSE_MAP_SIZE; i += 16) {
    35. 

  35.  //			DBG_871X("0x%02x\t", i);
    36. 

  36. -			sprintf(extra, "%s0x%02x\t", extra, i);
    37. 

  37. +			sprintf(extra + strlen(extra), "0x%02x\t", i);
    38. 

  38.  			for (j=0; j<8; j++) {
    39. 

  39.  //				DBG_871X("%02X ", data[i+j]);
    40. 

  40. -				sprintf(extra, "%s%02X ", extra, PROMContent[i+j]);
    41. 

  41. +				sprintf(extra + strlen(extra), "%02X ", PROMContent[i+j]);
    42. 

  42.  			}
    43. 

  43.  //			DBG_871X("\t");
    44. 

  44. -			sprintf(extra, "%s\t", extra);
    45. 

  45. +			sprintf(extra + strlen(extra), "\t");
    46. 

  46.  			for (; j<16; j++) {
    47. 

  47.  //				DBG_871X("%02X ", data[i+j]);
    48. 

  48. -				sprintf(extra, "%s%02X ", extra, PROMContent[i+j]);
    49. 

  49. +				sprintf(extra + strlen(extra), "%02X ", PROMContent[i+j]);
    50. 

  50.  			}
    51. 

  51.  //			DBG_871X("\n");
    52. 

  52. -			sprintf(extra,"%s\n",extra);
    53. 

  53. +			sprintf(extra + strlen(extra), "\n");
    54. 

  54.  		}
    55. 

  55.  //		DBG_871X("\n");
    56. 

  56.  	} else if (strcmp(tmp[0], "realmap") == 0) {
    57. 

  57. @@ -9107,19 +9107,19 @@ static int rtw_mp_efuse_get(struct net_device *dev,
    58. 

  58.  		sprintf(extra, "\n");
    59. 

  59.  		for (i = 0; i < EFUSE_MAP_SIZE; i += 16) {
    60. 

  60.  //			DBG_871X("0x%02x\t", i);
    61. 

  61. -			sprintf(extra, "%s0x%02x\t", extra, i);
    62. 

  62. +			sprintf(extra + strlen(extra), "0x%02x\t", i);
    63. 

  63.  			for (j=0; j<8; j++) {
    64. 

  64.  //				DBG_871X("%02X ", data[i+j]);
    65. 

  65. -				sprintf(extra, "%s%02X ", extra, pEfuseHal->fakeEfuseInitMap[i+j]);
    66. 

  66. +				sprintf(extra + strlen(extra), "%02X ", pEfuseHal->fakeEfuseInitMap[i+j]);
    67. 

  67.  			}
    68. 

  68.  //			DBG_871X("\t");
    69. 

  69. -			sprintf(extra, "%s\t", extra);
    70. 

  70. +			sprintf(extra + strlen(extra), "\t");
    71. 

  71.  			for (; j<16; j++) {
    72. 

  72.  //				DBG_871X("%02X ", data[i+j]);
    73. 

  73. -				sprintf(extra, "%s%02X ", extra, pEfuseHal->fakeEfuseInitMap[i+j]);
    74. 

  74. +				sprintf(extra + strlen(extra), "%02X ", pEfuseHal->fakeEfuseInitMap[i+j]);
    75. 

  75.  			}
    76. 

  76.  //			DBG_871X("\n");
    77. 

  77. -			sprintf(extra,"%s\n",extra);
    78. 

  78. +			sprintf(extra + strlen(extra), "\n");
    79. 

  79.  		}
    80. 

  80.  //		DBG_871X("\n");
    81. 

  81.  	} else if (strcmp(tmp[0], "rmap") == 0) {
    82. 

  82. @@ -9158,7 +9158,7 @@ static int rtw_mp_efuse_get(struct net_device *dev,
    83. 

  83.  		*extra = 0;
    84. 

  84.  		for (i=0; i<cnts; i++) {
    85. 

  85.  //			DBG_871X("0x%02x ", data[i]);
    86. 

  86. -			sprintf(extra, "%s0x%02X ", extra, data[i]);
    87. 

  87. +			sprintf(extra + strlen(extra), "0x%02X ", data[i]);
    88. 

  88.  		}
    89. 

  89.  //		DBG_871X("}\n");
    90. 

  90.  	} else if (strcmp(tmp[0], "realraw") == 0) {
    91. 

  91. @@ -9174,17 +9174,17 @@ static int rtw_mp_efuse_get(struct net_device *dev,
    92. 

  92.  		sprintf(extra, "\n0x00\t");
    93. 

  93.  		for (i=0; i< mapLen; i++) {
    94. 

  94.  			//			DBG_871X("%02X", rawdata[i]);
    95. 

  95. -			sprintf(extra, "%s%02X", extra, rawdata[i]);
    96. 

  96. +			sprintf(extra + strlen(extra), "%02X", rawdata[i]);
    97. 

  97.  			if ((i & 0xF) == 0xF) {
    98. 

  98.  				//				DBG_871X("\n");
    99. 

  99. -				sprintf(extra, "%s\n", extra);
    100. 

  100. -				sprintf(extra, "%s0x%02x\t", extra, i+1);
    101. 

  101. +				sprintf(extra + strlen(extra), "\n");
    102. 

  102. +				sprintf(extra + strlen(extra), "0x%02x\t", i+1);
    103. 

  103.  			} else if ((i & 0x7) == 0x7) {
    104. 

  104.  				//				DBG_871X("\t");
    105. 

  105. -				sprintf(extra, "%s \t", extra);
    106. 

  106. +				sprintf(extra + strlen(extra), " \t");
    107. 

  107.  			} else {
    108. 

  108.  				//				DBG_871X(" ");
    109. 

  109. -				sprintf(extra, "%s ", extra);
    110. 

  110. +				sprintf(extra + strlen(extra), " ");
    111. 

  111.  			}
    112. 

  112.  		}
    113. 

  113.  		//		DBG_871X("}\n");
    114. 

  114. @@ -9269,10 +9269,10 @@ static int rtw_mp_efuse_get(struct net_device *dev,
    115. 

  115.  		*extra = 0;
    116. 

  116.  		for (i=0; i<cnts; i++) {
    117. 

  117.  //			DBG_871X("%02X", data[i]);
    118. 

  118. -			sprintf(extra, "%s%02X", extra, data[i]);
    119. 

  119. +			sprintf(extra + strlen(extra), "%02X", data[i]);
    120. 

  120.  			if (i != (cnts-1)) {
    121. 

  121.  //				DBG_871X(":");
    122. 

  122. -				sprintf(extra,"%s:",extra);
    123. 

  123. +				sprintf(extra + strlen(extra), ":");
    124. 

  124.  			}
    125. 

  125.  		}
    126. 

  126.  //		DBG_871X("}\n");
    127. 

  127. @@ -9330,10 +9330,10 @@ static int rtw_mp_efuse_get(struct net_device *dev,
    128. 

  128.  		*extra = 0;
    129. 

  129.  		for (i=0; i<cnts; i++) {
    130. 

  130.  //			DBG_871X("0x%02x", data[i]);
    131. 

  131. -			sprintf(extra, "%s0x%02X", extra, data[i]);
    132. 

  132. +			sprintf(extra + strlen(extra), "0x%02X", data[i]);
    133. 

  133.  			if (i != (cnts-1)) {
    134. 

  134.  //				DBG_871X(",");
    135. 

  135. -				sprintf(extra,"%s,",extra);
    136. 

  136. +				sprintf(extra + strlen(extra), ",");
    137. 

  137.  			}
    138. 

  138.  		}
    139. 

  139.  //		DBG_871X("}\n");
    140. 

  140. @@ -9355,19 +9355,19 @@ static int rtw_mp_efuse_get(struct net_device *dev,
    141. 

  141.  		sprintf(extra, "\n");
    142. 

  142.  		for (i=0; i<512; i+=16) { // set 512 because the iwpriv's extra size have limit 0x7FF
    143. 

  143.  //			DBG_871X("0x%03x\t", i);
    144. 

  144. -			sprintf(extra, "%s0x%03x\t", extra, i);
    145. 

  145. +			sprintf(extra + strlen(extra), "0x%03x\t", i);
    146. 

  146.  			for (j=0; j<8; j++) {
    147. 

  147.  //				DBG_871X("%02X ", pEfuseHal->BTEfuseInitMap[i+j]);
    148. 

  148. -				sprintf(extra, "%s%02X ", extra, pEfuseHal->BTEfuseInitMap[i+j]);
    149. 

  149. +				sprintf(extra + strlen(extra), "%02X ", pEfuseHal->BTEfuseInitMap[i+j]);
    150. 

  150.  			}
    151. 

  151.  //			DBG_871X("\t");
    152. 

  152. -			sprintf(extra,"%s\t",extra);
    153. 

  153. +			sprintf(extra + strlen(extra), "\t");
    154. 

  154.  			for (; j<16; j++) {
    155. 

  155.  //				DBG_871X("%02X ", pEfuseHal->BTEfuseInitMap[i+j]);
    156. 

  156. -				sprintf(extra, "%s%02X ", extra, pEfuseHal->BTEfuseInitMap[i+j]);
    157. 

  157. +				sprintf(extra + strlen(extra), "%02X ", pEfuseHal->BTEfuseInitMap[i+j]);
    158. 

  158.  			}
    159. 

  159.  //			DBG_871X("\n");
    160. 

  160. -			sprintf(extra, "%s\n", extra);
    161. 

  161. +			sprintf(extra + strlen(extra), "\n");
    162. 

  162.  		}
    163. 

  163.  //		DBG_871X("\n");
    164. 

  164.  	} else if (strcmp(tmp[0],"btbmap") == 0) {
    165. 

  165. @@ -9384,19 +9384,19 @@ static int rtw_mp_efuse_get(struct net_device *dev,
    166. 

  166.  		sprintf(extra, "\n");
    167. 

  167.  		for (i=512; i<1024 ; i+=16) {
    168. 

  168.  //			DBG_871X("0x%03x\t", i);
    169. 

  169. -			sprintf(extra, "%s0x%03x\t", extra, i);
    170. 

  170. +			sprintf(extra + strlen(extra), "0x%03x\t", i);
    171. 

  171.  			for (j=0; j<8; j++) {
    172. 

  172.  //				DBG_871X("%02X ", data[i+j]);
    173. 

  173. -				sprintf(extra, "%s%02X ", extra, pEfuseHal->BTEfuseInitMap[i+j]);
    174. 

  174. +				sprintf(extra + strlen(extra), "%02X ", pEfuseHal->BTEfuseInitMap[i+j]);
    175. 

  175.  			}
    176. 

  176.  //			DBG_871X("\t");
    177. 

  177. -			sprintf(extra,"%s\t",extra);
    178. 

  178. +			sprintf(extra + strlen(extra), "\t");
    179. 

  179.  			for (; j<16; j++) {
    180. 

  180.  //				DBG_871X("%02X ", data[i+j]);
    181. 

  181. -				sprintf(extra, "%s%02X ", extra, pEfuseHal->BTEfuseInitMap[i+j]);
    182. 

  182. +				sprintf(extra + strlen(extra), "%02X ", pEfuseHal->BTEfuseInitMap[i+j]);
    183. 

  183.  			}
    184. 

  184.  //			DBG_871X("\n");
    185. 

  185. -			sprintf(extra, "%s\n", extra);
    186. 

  186. +			sprintf(extra + strlen(extra), "\n");
    187. 

  187.  		}
    188. 

  188.  //		DBG_871X("\n");
    189. 

  189.  	} else if (strcmp(tmp[0],"btrmap") == 0) {
    190. 

  190. @@ -9436,7 +9436,7 @@ static int rtw_mp_efuse_get(struct net_device *dev,
    191. 

  191.  //		DBG_871X("%s: bt efuse data={", __FUNCTION__);
    192. 

  192.  		for (i=0; i<cnts; i++) {
    193. 

  193.  //			DBG_871X("0x%02x ", data[i]);
    194. 

  194. -			sprintf(extra, "%s 0x%02X ", extra, data[i]);
    195. 

  195. +			sprintf(extra + strlen(extra), " 0x%02X ", data[i]);
    196. 

  196.  		}
    197. 

  197.  //		DBG_871X("}\n");
    198. 

  198.  		DBG_871X(FUNC_ADPT_FMT ": BT MAC=[%s]\n", FUNC_ADPT_ARG(padapter), extra);
    199. 

  199. @@ -9445,19 +9445,19 @@ static int rtw_mp_efuse_get(struct net_device *dev,
    200. 

  200.  		sprintf(extra, "\n");
    201. 

  201.  		for (i=0; i<512; i+=16) {
    202. 

  202.  //			DBG_871X("0x%03x\t", i);
    203. 

  203. -			sprintf(extra, "%s0x%03x\t", extra, i);
    204. 

  204. +			sprintf(extra + strlen(extra), "0x%03x\t", i);
    205. 

  205.  			for (j=0; j<8; j++) {
    206. 

  206.  //				DBG_871X("%02X ", pEfuseHal->fakeBTEfuseModifiedMap[i+j]);
    207. 

  207. -				sprintf(extra, "%s%02X ", extra, pEfuseHal->fakeBTEfuseModifiedMap[i+j]);
    208. 

  208. +				sprintf(extra + strlen(extra), "%02X ", pEfuseHal->fakeBTEfuseModifiedMap[i+j]);
    209. 

  209.  			}
    210. 

  210.  //			DBG_871X("\t");
    211. 

  211. -			sprintf(extra, "%s\t", extra);
    212. 

  212. +			sprintf(extra + strlen(extra), "\t");
    213. 

  213.  			for (; j<16; j++) {
    214. 

  214.  //				DBG_871X("%02X ", pEfuseHal->fakeBTEfuseModifiedMap[i+j]);
    215. 

  215. -				sprintf(extra, "%s%02X ", extra, pEfuseHal->fakeBTEfuseModifiedMap[i+j]);
    216. 

  216. +				sprintf(extra + strlen(extra), "%02X ", pEfuseHal->fakeBTEfuseModifiedMap[i+j]);
    217. 

  217.  			}
    218. 

  218.  //			DBG_871X("\n");
    219. 

  219. -			sprintf(extra, "%s\n", extra);
    220. 

  220. +			sprintf(extra + strlen(extra), "\n");
    221. 

  221.  		}
    222. 

  222.  //		DBG_871X("\n");
    223. 

  223.  	} else if (strcmp(tmp[0],"btbfake") == 0) {
    224. 

  224. @@ -9465,19 +9465,19 @@ static int rtw_mp_efuse_get(struct net_device *dev,
    225. 

  225.  		sprintf(extra, "\n");
    226. 

  226.  		for (i=512; i<1024; i+=16) {
    227. 

  227.  //			DBG_871X("0x%03x\t", i);
    228. 

  228. -			sprintf(extra, "%s0x%03x\t", extra, i);
    229. 

  229. +			sprintf(extra + strlen(extra), "0x%03x\t", i);
    230. 

  230.  			for (j=0; j<8; j++) {
    231. 

  231.  //				DBG_871X("%02X ", pEfuseHal->fakeBTEfuseModifiedMap[i+j]);
    232. 

  232. -				sprintf(extra, "%s%02X ", extra, pEfuseHal->fakeBTEfuseModifiedMap[i+j]);
    233. 

  233. +				sprintf(extra + strlen(extra), "%02X ", pEfuseHal->fakeBTEfuseModifiedMap[i+j]);
    234. 

  234.  			}
    235. 

  235.  //			DBG_871X("\t");
    236. 

  236. -			sprintf(extra, "%s\t", extra);
    237. 

  237. +			sprintf(extra + strlen(extra), "\t");
    238. 

  238.  			for (; j<16; j++) {
    239. 

  239.  //				DBG_871X("%02X ", pEfuseHal->fakeBTEfuseModifiedMap[i+j]);
    240. 

  240. -				sprintf(extra, "%s%02X ", extra, pEfuseHal->fakeBTEfuseModifiedMap[i+j]);
    241. 

  241. +				sprintf(extra + strlen(extra), "%02X ", pEfuseHal->fakeBTEfuseModifiedMap[i+j]);
    242. 

  242.  			}
    243. 

  243.  //			DBG_871X("\n");
    244. 

  244. -			sprintf(extra, "%s\n", extra);
    245. 

  245. +			sprintf(extra + strlen(extra), "\n");
    246. 

  246.  		}
    247. 

  247.  //		DBG_871X("\n");
    248. 

  248.  	} else if (strcmp(tmp[0],"wlrfkmap")== 0) {
    249. 

  249. @@ -9485,19 +9485,19 @@ static int rtw_mp_efuse_get(struct net_device *dev,
    250. 

  250.  		sprintf(extra, "\n");
    251. 

  251.  		for (i=0; i<EFUSE_MAP_SIZE; i+=16) {
    252. 

  252.  //			DBG_871X("\t0x%02x\t", i);
    253. 

  253. -			sprintf(extra, "%s0x%02x\t", extra, i);
    254. 

  254. +			sprintf(extra + strlen(extra), "0x%02x\t", i);
    255. 

  255.  			for (j=0; j<8; j++) {
    256. 

  256.  //				DBG_871X("%02X ", pEfuseHal->fakeEfuseModifiedMap[i+j]);
    257. 

  257. -				sprintf(extra, "%s%02X ", extra, pEfuseHal->fakeEfuseModifiedMap[i+j]);
    258. 

  258. +				sprintf(extra + strlen(extra), "%02X ", pEfuseHal->fakeEfuseModifiedMap[i+j]);
    259. 

  259.  			}
    260. 

  260.  //			DBG_871X("\t");
    261. 

  261. -			sprintf(extra, "%s\t", extra);
    262. 

  262. +			sprintf(extra + strlen(extra), "\t");
    263. 

  263.  			for (; j<16; j++) {
    264. 

  264.  //				DBG_871X("%02X ", pEfuseHal->fakeEfuseModifiedMap[i+j]);
    265. 

  265. -				sprintf(extra, "%s %02X", extra, pEfuseHal->fakeEfuseModifiedMap[i+j]);
    266. 

  266. +				sprintf(extra + strlen(extra), " %02X", pEfuseHal->fakeEfuseModifiedMap[i+j]);
    267. 

  267.  			}
    268. 

  268.  //			DBG_871X("\n");
    269. 

  269. -			sprintf(extra, "%s\n", extra);
    270. 

  270. +			sprintf(extra + strlen(extra), "\n");
    271. 

  271.  		}
    272. 

  272.  //		DBG_871X("\n");
    273. 

  273.  
    274. 

  274. @@ -9523,7 +9523,7 @@ static int rtw_mp_efuse_get(struct net_device *dev,
    275. 

  275.  		*extra = 0;
    276. 

  276.  		for (i=0; i<cnts; i++) {
    277. 

  277.  			DBG_871X("wlrfkrmap = 0x%02x \n", pEfuseHal->fakeEfuseModifiedMap[addr+i]);
    278. 

  278. -			sprintf(extra, "%s0x%02X ", extra, pEfuseHal->fakeEfuseModifiedMap[addr+i]);
    279. 

  279. +			sprintf(extra + strlen(extra), "0x%02X ", pEfuseHal->fakeEfuseModifiedMap[addr+i]);
    280. 

  280.  		}
    281. 

  281.  	} else if (strcmp(tmp[0],"btrfkrmap")== 0) {
    282. 

  282.  		if ((tmp[1]==NULL) || (tmp[2]==NULL)) {
    283. 

  283. @@ -9547,7 +9547,7 @@ static int rtw_mp_efuse_get(struct net_device *dev,
    284. 

  284.  		*extra = 0;
    285. 

  285.  		for (i=0; i<cnts; i++) {
    286. 

  286.  			DBG_871X("wlrfkrmap = 0x%02x \n", pEfuseHal->fakeBTEfuseModifiedMap[addr+i]);
    287. 

  287. -			sprintf(extra, "%s0x%02X ", extra, pEfuseHal->fakeBTEfuseModifiedMap[addr+i]);
    288. 

  288. +			sprintf(extra + strlen(extra), "0x%02X ", pEfuseHal->fakeBTEfuseModifiedMap[addr+i]);
    289. 

  289.  		}
    290. 

  290.  	} else {
    291. 

  291.  		sprintf(extra, "Command not found!");
    292. 

  292. @@ -10409,7 +10409,7 @@ static int rtw_mp_read_reg(struct net_device *dev,
    293. 

  293.  			pnext++;
    294. 

  294.  			if ( *pnext != '\0' ) {
    295. 

  295.  				strtout = simple_strtoul (pnext , &ptmp, 16);
    296. 

  296. -				sprintf( extra, "%s %d" ,extra ,strtout );
    297. 

  297. +				sprintf(extra + strlen(extra), " %d"  ,strtout );
    298. 

  298.  			} else {
    299. 

  299.  				break;
    300. 

  300.  			}
    301. 

  301. @@ -10443,7 +10443,7 @@ static int rtw_mp_read_reg(struct net_device *dev,
    302. 

  302.  			pnext++;
    303. 

  303.  			if ( *pnext != '\0' ) {
    304. 

  304.  				strtout = simple_strtoul (pnext , &ptmp, 16);
    305. 

  305. -				sprintf( extra, "%s %d" ,extra ,strtout );
    306. 

  306. +				sprintf(extra + strlen(extra), " %d"  ,strtout );
    307. 

  307.  			} else {
    308. 

  308.  				break;
    309. 

  309.  			}
    310. 

  310. @@ -10566,7 +10566,7 @@ static int rtw_mp_read_rf(struct net_device *dev,
    311. 

  311.  		pnext++;
    312. 

  312.  		if ( *pnext != '\0' ) {
    313. 

  313.  			strtou = simple_strtoul (pnext , &ptmp, 16);
    314. 

  314. -			sprintf( extra, "%s %d" ,extra ,strtou );
    315. 

  315. +			sprintf(extra + strlen(extra), " %d"  ,strtou );
    316. 

  316.  		} else {
    317. 

  317.  			break;
    318. 

  318.  		}
    319. 

  319. @@ -12155,14 +12155,14 @@ todo:
    320. 

  320.  				goto exit;
    321. 

  321.  
    322. 

  322.  #ifdef CONFIG_RTL8723A
    323. 

  323. -			sprintf(extra, "%s %d ", extra, (pMptCtx->mptOutBuf[i]& 0x3f));
    324. 

  324. +			sprintf(extra + strlen(extra), " %d ", (pMptCtx->mptOutBuf[i]& 0x3f));
    325. 

  325.  #else
    326. 

  326. -			sprintf(extra, "%s %d ", extra, (pMptCtx->mptOutBuf[i]& 0x1f));
    327. 

  327. +			sprintf(extra + strlen(extra), " %d ", (pMptCtx->mptOutBuf[i]& 0x1f));
    328. 

  328.  #endif
    329. 

  329.  		}
    330. 

  330.  	} else {
    331. 

  331.  		for (i=4; i<pMptCtx->mptOutLen; i++) {
    332. 

  332. -			sprintf(extra, "%s 0x%x ", extra, pMptCtx->mptOutBuf[i]);
    333. 

  333. +			sprintf(extra + strlen(extra), " 0x%x ", pMptCtx->mptOutBuf[i]);
    334. 

  334.  		}
    335. 

  335.  	}
    336. 

  336.  
    337. 

  337. -- 
    338. 

  338. 2.28.0
    339. 

  339.