Re: [PATCH] bna: ethtool: Avoid reading past end of buffer

From: David Miller
Date: Mon May 08 2017 - 14:42:21 EST

Next message: David Miller: "Re: [PATCH] qlge: Avoid reading past end of buffer"
Previous message: David Miller: "Re: [PATCH] bna: Avoid reading past end of buffer"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Kees Cook <keescook@xxxxxxxxxxxx>
Date: Fri, 5 May 2017 15:30:23 -0700

> Using memcpy() from a string that is shorter than the length copied means
> the destination buffer is being filled with arbitrary data from the kernel
> rodata segment. Instead, use strncpy() which will fill the trailing bytes
> with zeros.
>
> This was found with the future CONFIG_FORTIFY_SOURCE feature.
>
> Cc: Daniel Micay <danielmicay@xxxxxxxxx>
> Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>

Applied.

Next message: David Miller: "Re: [PATCH] qlge: Avoid reading past end of buffer"
Previous message: David Miller: "Re: [PATCH] bna: Avoid reading past end of buffer"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]