Re: [PATCH 10/17] delta: Fix buffer overrun in delta_ipc_open

[Hugues FRUCHET]

Hi Andi,

So do both, memset then strscpy:

+	memset(msg.name, 0, sizeof(msg.name));
+	if (strscpy(msg.name, name, sizeof(msg.name)) <= 0)
+         goto err;

BR,
Hugues.

On 4/1/19 6:54 PM, Andi Kleen wrote:
> On Mon, Apr 01, 2019 at 01:37:56PM +0000, Hugues FRUCHET wrote:
>> Hi Andi,
>>
>> We have already discussed about that here:
>> https://lore.kernel.org/patchwork/patch/866406/
>>
>> Now that strscpy is largely deployed within kernel, could you retest
>> with the change I suggested ?
> 
> strscpy is not the correct fix because it leaks uninitialized memory
> to the receiver.  You need the memset.
> 
> -Andi
>