[PATCH] kdb: Fix a potential buffer overflow in kdb_local()

From: Christophe JAILLET
Date: Sat Oct 28 2023 - 09:55:18 EST

Next message: Christian Brauner: "[GIT PULL for v6.7] vfs super updates"
Previous message: Ingo Molnar: "[GIT PULL] x86/mm changes for v6.7"
Next in thread: Doug Anderson: "Re: [PATCH] kdb: Fix a potential buffer overflow in kdb_local()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

When appending "[defcmd]" to 'kdb_prompt_str', the size of the string
already in the buffer should be taken into account.

Switch from strncat() to strlcat() which does the correct test to avoid
such an overflow.

Fixes: 5d5314d6795f ("kdb: core for kgdb back end (1 of 2)")
Signed-off-by: Christophe JAILLET <christophe.jaillet@xxxxxxxxxx>
---
kernel/debug/kdb/kdb_main.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kernel/debug/kdb/kdb_main.c b/kernel/debug/kdb/kdb_main.c
index 438b868cbfa9..e5f0bf0f45d1 100644
--- a/kernel/debug/kdb/kdb_main.c
+++ b/kernel/debug/kdb/kdb_main.c
@@ -1350,7 +1350,7 @@ static int kdb_local(kdb_reason_t reason, int error, struct pt_regs *regs,
snprintf(kdb_prompt_str, CMD_BUFLEN, kdbgetenv("PROMPT"),
raw_smp_processor_id());
if (defcmd_in_progress)
- strncat(kdb_prompt_str, "[defcmd]", CMD_BUFLEN);
+ strlcat(kdb_prompt_str, "[defcmd]", CMD_BUFLEN);

/*
* Fetch command from keyboard
--
2.34.1

Next message: Christian Brauner: "[GIT PULL for v6.7] vfs super updates"
Previous message: Ingo Molnar: "[GIT PULL] x86/mm changes for v6.7"
Next in thread: Doug Anderson: "Re: [PATCH] kdb: Fix a potential buffer overflow in kdb_local()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]