lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 1 Mar 2018 16:25:28 -0800 From: Florian Fainelli <f.fainelli@...il.com> To: netdev@...r.kernel.org Cc: Florian Fainelli <f.fainelli@...il.com>, Andrew Lunn <andrew@...n.ch>, Vivien Didelot <vivien.didelot@...oirfairelinux.com>, Woojung Huh <Woojung.Huh@...rochip.com>, Microchip Linux Driver Support <UNGLinuxDriver@...rochip.com>, linux-kernel@...r.kernel.org (open list) Subject: [PATCH net 3/4] net: dsa: microchip: Utilize strncpy() for ethtool::get_strings Do not use memcpy() which is not safe, but instead use strncpy() which will make sure that the string is NUL terminated (in the Linux implementation) if the string is smaller than the length specified. This fixes KASAN out of bounds warnings while fetching port statistics. Fixes: b987e98e50ab ("dsa: add DSA switch driver for Microchip KSZ9477") Signed-off-by: Florian Fainelli <f.fainelli@...il.com> --- drivers/net/dsa/microchip/ksz_common.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/net/dsa/microchip/ksz_common.c b/drivers/net/dsa/microchip/ksz_common.c index 663b0d5b982b..db7f5c8c1dcb 100644 --- a/drivers/net/dsa/microchip/ksz_common.c +++ b/drivers/net/dsa/microchip/ksz_common.c @@ -449,8 +449,8 @@ static void ksz_get_strings(struct dsa_switch *ds, int port, uint8_t *buf) int i; for (i = 0; i < TOTAL_SWITCH_COUNTER_NUM; i++) { - memcpy(buf + i * ETH_GSTRING_LEN, mib_names[i].string, - ETH_GSTRING_LEN); + strncpy(buf + i * ETH_GSTRING_LEN, mib_names[i].string, + ETH_GSTRING_LEN); } } -- 2.14.1
Powered by blists - more mailing lists