lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Fri, 02 Feb 2018 19:43:14 -0500 (EST)
From:   David Miller <davem@...emloft.net>
To:     arnd@...db.de
Cc:     Ariel.Elior@...ium.com, everest-linux-l2@...ium.com,
        Tomer.Tayar@...ium.com, Yuval.Mintz@...ium.com,
        Chad.Dupuis@...ium.com, Manish.Rangankar@...ium.com,
        netdev@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] net: qed: use correct strncpy() size

From: Arnd Bergmann <arnd@...db.de>
Date: Fri,  2 Feb 2018 16:44:47 +0100

> passing the strlen() of the source string as the destination
> length is pointless, and gcc-8 now warns about it:
> 
> drivers/net/ethernet/qlogic/qed/qed_debug.c: In function 'qed_grc_dump':
> include/linux/string.h:253: error: 'strncpy' specified bound depends on the length of the source argument [-Werror=stringop-overflow=]
> 
> This changes qed_grc_dump_big_ram() to instead uses the length of
> the destination buffer, and use strscpy() to guarantee nul-termination.
> 
> Signed-off-by: Arnd Bergmann <arnd@...db.de>

Applied.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ