From b664312285eb6bb9378159f2fea02e39886a7012 Mon Sep 17 00:00:00 2001
From: Rohit Sarkar <rohitsarkar5398@gmail.com>
Date: Wed, 2 Oct 2019 22:35:19 +0530
Subject: [PATCH] staging: rtl8712: fix boundary condition for n
Git-commit: b664312285eb6bb9378159f2fea02e39886a7012
Patch-mainline: v5.5-rc1
References: jsc#SLE-13430

Now that snprintf is replaced by scnprintf n >= MAX_WPA_IE_LEN doesn't
make sense as the maximum value n can take is MAX_WPA_IE_LEN.

Signed-off-by: Rohit Sarkar <rohitsarkar5398@gmail.com>
Reviewed-by: Dan Carpenter <dan.carpenter@oracle.com>
Link: https://lore.kernel.org/r/20191002170518.GA1688@SARKAR
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Acked-by: Takashi Iwai <tiwai@suse.de>

---
 drivers/staging/rtl8712/rtl871x_ioctl_linux.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/drivers/staging/rtl8712/rtl871x_ioctl_linux.c b/drivers/staging/rtl8712/rtl871x_ioctl_linux.c
index b3263e953f05..363b82e3e7c6 100644
--- a/drivers/staging/rtl8712/rtl871x_ioctl_linux.c
+++ b/drivers/staging/rtl8712/rtl871x_ioctl_linux.c
@@ -144,7 +144,7 @@ static noinline_for_stack char *translate_scan_wpa(struct iw_request_info *info,
 		for (i = 0; i < wpa_len; i++) {
 			n += scnprintf(buf + n, MAX_WPA_IE_LEN - n,
 						"%02x", wpa_ie[i]);
-			if (n >= MAX_WPA_IE_LEN)
+			if (n == MAX_WPA_IE_LEN-1)
 				break;
 		}
 		memset(iwe, 0, sizeof(*iwe));
@@ -164,7 +164,7 @@ static noinline_for_stack char *translate_scan_wpa(struct iw_request_info *info,
 		for (i = 0; i < rsn_len; i++) {
 			n += scnprintf(buf + n, MAX_WPA_IE_LEN - n,
 						"%02x", rsn_ie[i]);
-			if (n >= MAX_WPA_IE_LEN)
+			if (n == MAX_WPA_IE_LEN-1)
 				break;
 		}
 		memset(iwe, 0, sizeof(*iwe));
-- 
2.16.4