# This is a BitKeeper generated patch for the following project:
# Project Name: Linux kernel tree
# This patch format is intended for GNU patch command version 2.5 or higher.
# This patch includes the following deltas:
#	           ChangeSet	1.447.55.16 -> 1.447.73.1
#	drivers/usb/input/hid-core.c	1.22    -> 1.23   
#
# The following is the BitKeeper ChangeSet Log
# --------------------------------------------
# 02/05/03	vojtech@twilight.ucw.cz	1.447.73.1
# This fixes a possible buffer overflow in hid-core.c in case a
# device would have very long string descriptors (vendor and device
# name.)
# --------------------------------------------
#
diff -Nru a/drivers/usb/input/hid-core.c b/drivers/usb/input/hid-core.c
--- a/drivers/usb/input/hid-core.c	Tue May  7 15:18:28 2002
+++ b/drivers/usb/input/hid-core.c	Tue May  7 15:18:28 2002
@@ -1396,12 +1396,12 @@
 	if (usb_string(dev, dev->descriptor.iManufacturer, buf, 64) > 0) {
 		strcat(hid->name, buf);
 		if (usb_string(dev, dev->descriptor.iProduct, buf, 64) > 0)
-			sprintf(hid->name, "%s %s", hid->name, buf);
+			snprintf(hid->name, 64, "%s %s", hid->name, buf);
 	} else
-		sprintf(hid->name, "%04x:%04x", dev->descriptor.idVendor, dev->descriptor.idProduct);
+		snprintf(hid->name, 64, "%04x:%04x", dev->descriptor.idVendor, dev->descriptor.idProduct);
 
-	usb_make_path(dev, buf, 63);
-	sprintf(hid->phys, "%s/input%d", buf, ifnum);
+	usb_make_path(dev, buf, 64);
+	snprintf(hid->phys, 64, "%s/input%d", buf, ifnum);
 
 	if (usb_string(dev, dev->descriptor.iSerialNumber, hid->uniq, 64) <= 0)
 		hid->uniq[0] = 0;