Re: [PATCH] bna: Avoid reading past end of buffer
From: David Miller
Date: Mon May 08 2017 - 14:42:17 EST
From: Kees Cook <keescook@xxxxxxxxxxxx>
Date: Fri, 5 May 2017 15:25:32 -0700
> Using memcpy() from a string that is shorter than the length copied means
> the destination buffer is being filled with arbitrary data from the kernel
> rodata segment. Instead, use strncpy() which will fill the trailing bytes
> with zeros.
>
> This was found with the future CONFIG_FORTIFY_SOURCE feature.
>
> Cc: Daniel Micay <danielmicay@xxxxxxxxx>
> Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>
Applied.