Re: [PATCH] of/device: Prevent buffer overflow in of_device_modalias()

From: Rob Herring
Date: Thu Aug 24 2017 - 12:25:19 EST


On Wed, Aug 23, 2017 at 8:04 PM, Bjorn Andersson
<bjorn.andersson@xxxxxxxxxx> wrote:
> As of_device_get_modalias() returns the number of bytes that would have
> been written to the target string, regardless of how much did fit in the
> buffer, it's possible that the returned index points beyond the buffer
> passed to of_device_modalias() - causing memory beyond the buffer to be
> null terminated.

I guess ibmebus and macio had this bug for some time because I just
copied those implementations.

Applying both patches. Thanks.

Rob