| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 5 Oct 2010 12:44:17 +0400 From: Evgeny Kuznetsov <EXT-Eugeny.Kuznetsov@...ia.com> To: akpm@...ux-foundation.org, torvalds@...ux-foundation.org Cc: phillip@...gher.demon.co.uk, hsweeten@...ionengravers.com, hpa@...or.com, linux-kernel@...r.kernel.org, ext-eugeny.kuznetsov@...ia.com Subject: [PATCH 1/1] initramfs: strcpy destination string overflow From: Evgeny Kuznetsov <ext-eugeny.kuznetsov@...ia.com> Function "strcpy()" is used without check for maximum allowed source string length and could cause destination string overflow. "strcpy()" is replaced by "strlcpy()" to prevent destination string overflow. Signed-off-by: Evgeny Kuznetsov <EXT-Eugeny.Kuznetsov@...ia.com> --- init/initramfs.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/init/initramfs.c b/init/initramfs.c index 4b9c202..3e68568 100644 --- a/init/initramfs.c +++ b/init/initramfs.c @@ -56,7 +56,7 @@ static char __init *find_link(int major, int minor, int ino, q->minor = minor; q->ino = ino; q->mode = mode; - strcpy(q->name, name); + strlcpy(q->name, name, sizeof(q->name)); q->next = NULL; *p = q; return NULL; -- 1.6.3.3 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists