lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <1487129245-24970-1-git-send-email-me@tobin.cc>
Date:   Wed, 15 Feb 2017 14:27:22 +1100
From:   "Tobin C. Harding" <me@...in.cc>
To:     Thomas Petazzoni <thomas.petazzoni@...e-electrons.com>,
        noralf@...nnes.org
Cc:     Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        devel@...verdev.osuosl.org, linux-kernel@...r.kernel.org,
        "Tobin C. Harding" <me@...in.cc>
Subject: [PATCH v2 0/3] staging: fbtft: Fix buffer overflow vulnerability

Module copies a user supplied string (module parameter) into a buffer
using strncpy() and does not check that the buffer is null terminated.

Replace call to strncpy() with call to strlcpy() ensuring that the
buffer is null terminated.

Replace magic number with pre-existing compile time constant.

Check return value of call to strlcpy() and throw warning if source
string is truncated.

v1 was a single patch. v2 adds 2 extra patches while retaining the
original v1 patch as the first of the series.

v2:
 - Replace magic number
 - Check return value of call to strlcpy()

Tobin C. Harding (3):
  staging: fbtft: Fix buffer overflow vulnerability
  staging: fbtft: Replace magic number with constant
  staging: fbtft: Add check on strlcpy() return value

 drivers/staging/fbtft/fbtft_device.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

-- 
2.7.4

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ