| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 28 Sep 2017 16:25:15 +0200
From: Jean Delvare <jdelvare@...e.de>
To: LKML <linux-kernel@...r.kernel.org>
Cc: Andrew Morton <akpm@...ux-foundation.org>,
Ingo Molnar <mingo@...nel.org>, Baoquan He <bhe@...hat.com>,
Michal Hocko <mhocko@...e.com>
Subject: [PATCH v2 1/3] params: Fix the maximum length in param_get_string
The length parameter of strlcpy() is supposed to reflect the size of
the target buffer, not of the source string. Harmless in this case as
the buffer is PAGE_SIZE long and the source string is always much
shorter than this, but conceptually wrong, so let's fix it.
Signed-off-by: Jean Delvare <jdelvare@...e.de>
---
Changes since v1:
* Patch added
kernel/params.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- linux-4.13.orig/kernel/params.c 2017-09-28 11:09:09.604089430 +0200
+++ linux-4.13/kernel/params.c 2017-09-28 11:09:47.573434740 +0200
@@ -507,7 +507,7 @@ EXPORT_SYMBOL(param_set_copystring);
int param_get_string(char *buffer, const struct kernel_param *kp)
{
const struct kparam_string *kps = kp->str;
- return strlcpy(buffer, kps->string, kps->maxlen);
+ return strlcpy(buffer, kps->string, PAGE_SIZE);
}
EXPORT_SYMBOL(param_get_string);
--
Jean Delvare
SUSE L3 Support
Powered by blists - more mailing lists