| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 22 Jun 2017 11:12:59 -0400 (EDT)
From: David Miller <davem@...emloft.net>
To: arnd@...db.de
Cc: andrew@...n.ch, f.fainelli@...il.com, timur@...eaurora.org,
netdev@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] net: phy: smsc: fix buffer overflow in memcpy
From: Arnd Bergmann <arnd@...db.de>
Date: Tue, 20 Jun 2017 22:40:46 +0200
> The memcpy annotation triggers for a fixed-length buffer copy:
>
> In file included from /git/arm-soc/arch/arm64/include/asm/processor.h:30:0,
> from /git/arm-soc/arch/arm64/include/asm/spinlock.h:21,
> from /git/arm-soc/include/linux/spinlock.h:87,
> from /git/arm-soc/include/linux/seqlock.h:35,
> from /git/arm-soc/include/linux/time.h:5,
> from /git/arm-soc/include/linux/stat.h:21,
> from /git/arm-soc/include/linux/module.h:10,
> from /git/arm-soc/drivers/net/phy/smsc.c:20:
> In function 'memcpy',
> inlined from 'smsc_get_strings' at /git/arm-soc/drivers/net/phy/smsc.c:166:3:
> /git/arm-soc/include/linux/string.h:309:4: error: call to '__read_overflow2' declared with attribute error: detected read beyond size of object passed as 2nd parameter
>
> Using strncpy instead of memcpy should do the right thing here.
>
> Fixes: 030a89028db0 ("net: phy: smsc: Implement PHY statistics")
> Signed-off-by: Arnd Bergmann <arnd@...db.de>
APplied to net-next, thanks Arnd.
Powered by blists - more mailing lists