Re: [PATCH] scripts/kallsyms: fix memory corruption caused by write over-run

From: Justin Capella
Date: Mon Feb 10 2020 - 21:36:57 EST


Looks like len is already +1, maybe it shouldn't be?

> len = strlen(name) + 1;
>
> - sym = malloc(sizeof(*sym) + len);
> + sym = malloc(sizeof(*sym) + len + 1);
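
Review bot: the extra + 1 on the malloc line has no justification in the visible lines, since len is already strlen(name) + 1 and so already counts the terminating NUL. If the additional byte is for something stored ahead of the name, say so in a comment on that line or fold it into len, so the allocation size and the copy length are derived from one value and cannot drift apart again.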


Maybe strlcpy or if len wasn't incremented?

>
> - memcpy(sym_name(sym), name, len);
> + strcpy(sym_name(sym), name);
>
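
Review bot: switching the copy line from memcpy to strcpy drops the explicit length without changing which bytes are written: with len = strlen(name) + 1, as quoted in the hunk above, memcpy(sym_name(sym), name, len) already copies the string and its NUL. If the over-run comes from the allocation size, the malloc change is sufficient on its own, so consider keeping the bounded memcpy, or state in the commit message why the unbounded copy is preferred.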