| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <alpine.OSX.2.00.1802071126080.1466@administrators-MacBook-Pro.local>
Date: Wed, 7 Feb 2018 11:26:43 -0500 (EST)
From: Chad Dupuis <chad.dupuis@...ium.com>
To: Arnd Bergmann <arnd@...db.de>
cc: linux-scsi@...r.kernel.org,
"James E . J . Bottomley" <jejb@...ux.vnet.ibm.com>,
QLogic-Storage-Upstream@...ium.com,
"Martin K. Petersen" <martin.petersen@...cle.com>,
Nicolas Pitre <nico@...aro.org>,
Andi Kleen <ak@...ux.intel.com>,
Saurav Kashyap <saurav.kashyap@...ium.com>,
Arun Easi <arun.easi@...ium.com>,
Nilesh Javali <nilesh.javali@...ium.com>,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH 6/6] scsi: qedf: use correct strncpy() size
On Fri, 2 Feb 2018, 8:12am, Arnd Bergmann wrote:
> gcc-8 warns during link-time optimization that the strncpy() call
> passes the size of the source buffer rather than the destination:
>
> drivers/scsi/qedf/qedf_dbg.c: In function 'qedf_uevent_emit':
> include/linux/string.h:253: error: 'strncpy' specified bound depends on the length of the source argument [-Werror=stringop-overflow=]
>
> This changes it to strscpy() with the correct length, guaranteeing
> a properly nul-terminated string of the right size.
>
> Signed-off-by: Arnd Bergmann <arnd@...db.de>
> ---
> drivers/scsi/qedf/qedf_dbg.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
Reasonable security precaution.
Acked-by: Chad Dupuis <chad.dupuis@...ium.com>
Powered by blists - more mailing lists