[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <1487129245-24970-1-git-send-email-me@tobin.cc>
Date: Wed, 15 Feb 2017 14:27:22 +1100
From: "Tobin C. Harding" <me@...in.cc>
To: Thomas Petazzoni <thomas.petazzoni@...e-electrons.com>,
noralf@...nnes.org
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
devel@...verdev.osuosl.org, linux-kernel@...r.kernel.org,
"Tobin C. Harding" <me@...in.cc>
Subject: [PATCH v2 0/3] staging: fbtft: Fix buffer overflow vulnerability
Module copies a user supplied string (module parameter) into a buffer
using strncpy() and does not check that the buffer is null terminated.
Replace call to strncpy() with call to strlcpy() ensuring that the
buffer is null terminated.
Replace magic number with pre-existing compile time constant.
Check return value of call to strlcpy() and throw warning if source
string is truncated.
v1 was a single patch. v2 adds 2 extra patches while retaining the
original v1 patch as the first of the series.
v2:
- Replace magic number
- Check return value of call to strlcpy()
Tobin C. Harding (3):
staging: fbtft: Fix buffer overflow vulnerability
staging: fbtft: Replace magic number with constant
staging: fbtft: Add check on strlcpy() return value
drivers/staging/fbtft/fbtft_device.c | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
--
2.7.4
Powered by blists - more mailing lists