[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-Id: <20170508.144221.1326034654665240024.davem@davemloft.net>
Date: Mon, 08 May 2017 14:42:21 -0400 (EDT)
From: David Miller <davem@...emloft.net>
To: keescook@...omium.org
Cc: netdev@...r.kernel.org, harish.patil@...ium.com,
manish.chopra@...ium.com, Dept-GELinuxNICDev@...ium.com,
linux-kernel@...r.kernel.org, danielmicay@...il.com
Subject: Re: [PATCH] qlge: Avoid reading past end of buffer
From: Kees Cook <keescook@...omium.org>
Date: Fri, 5 May 2017 15:34:34 -0700
> Using memcpy() from a string that is shorter than the length copied means
> the destination buffer is being filled with arbitrary data from the kernel
> rodata segment. Instead, use strncpy() which will fill the trailing bytes
> with zeros.
>
> This was found with the future CONFIG_FORTIFY_SOURCE feature.
>
> Cc: Daniel Micay <danielmicay@...il.com>
> Signed-off-by: Kees Cook <keescook@...omium.org>
Applied.
Powered by blists - more mailing lists