Re: [PATCH v2] wifi: mt76: Fix strscpy buffer overflow in mt76_connac2_load_patch

[Filippo Rossoni]

Hello
What is the status of this patch
I'm compiling the latest kernel with this patch to have wifi working
The current status in not working if there are problem with this patch
I propose to revert the commit
[f804a5895ebad2b2d4fb8a3688d2115926e993d5] wifi: mt76: Strip
whitespace from build ddate
diff --git a/drivers/net/wireless/mediatek/mt76/mt76_connac_mcu.c b/drivers/net/wireless/mediatek/mt76/mt76_connac_mcu.c
index ea99167765b0..0fbfa449d6fe 100644
--- a/drivers/net/wireless/mediatek/mt76/mt76_connac_mcu.c
+++ b/drivers/net/wireless/mediatek/mt76/mt76_connac_mcu.c
@@ -3101,7 +3101,7 @@ int mt76_connac2_load_patch(struct mt76_dev *dev, const char *fw_name)
 	int i, ret, sem, max_len = mt76_is_sdio(dev) ? 2048 : 4096;
 	const struct mt76_connac2_patch_hdr *hdr;
 	const struct firmware *fw = NULL;
-	char build_date[17];
+
 
 	sem = mt76_connac_mcu_patch_sem_ctrl(dev, true);
 	switch (sem) {
@@ -3125,12 +3125,14 @@ int mt76_connac2_load_patch(struct mt76_dev *dev, const char *fw_name)
 	}
 
 	hdr = (const void *)fw->data;
-	strscpy(build_date, hdr->build_date, sizeof(build_date));
-	build_date[16] = '\0';
-	strim(build_date);
-	dev_info(dev->dev, "HW/SW Version: 0x%x, Build Time: %.16s\n",
-		 be32_to_cpu(hdr->hw_sw_ver), build_date);
-
+	{
+		char build_date[sizeof(hdr->build_date)+1];
+		memcpy(build_date, hdr->build_date, sizeof(hdr->build_date));
+		build_date[sizeof(hdr->build_date)] = '\0';
+		strim(build_date);
+		dev_info(dev->dev, "HW/SW Version: 0x%x, Build Time: %.16s\n",
+			be32_to_cpu(hdr->hw_sw_ver), build_date);
+	}
 	for (i = 0; i < be32_to_cpu(hdr->desc.n_region); i++) {
 		struct mt76_connac2_patch_sec *sec;
 		u32 len, addr, mode;