| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 29 May 2018 18:58:38 -0700
From: Nick Desaulniers <nick.desaulniers@...il.com>
To: b.zolnierkie@...sung.com
Cc: Nick Desaulniers <nick.desaulniers@...il.com>,
dri-devel@...ts.freedesktop.org, linux-fbdev@...r.kernel.org,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
ebiggers@...gle.com
Subject: Re: [PATCH] video/hdmi: prefer strlcpy to strncpy
On Mon, May 28, 2018 at 11:59 PM, Nick Desaulniers
<nick.desaulniers@...il.com> wrote:
> Fixes a stringop-truncation warning from gcc-8.
>
> Signed-off-by: Nick Desaulniers <nick.desaulniers@...il.com>
> ---
> drivers/video/hdmi.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/video/hdmi.c b/drivers/video/hdmi.c
> index 111a0ab..46c184c 100644
> --- a/drivers/video/hdmi.c
> +++ b/drivers/video/hdmi.c
> @@ -168,8 +168,8 @@ int hdmi_spd_infoframe_init(struct hdmi_spd_infoframe *frame,
> frame->version = 1;
> frame->length = HDMI_SPD_INFOFRAME_SIZE;
>
> - strncpy(frame->vendor, vendor, sizeof(frame->vendor));
> - strncpy(frame->product, product, sizeof(frame->product));
> + strlcpy(frame->vendor, vendor, sizeof(frame->vendor));
> + strlcpy(frame->product, product, sizeof(frame->product));
>
> return 0;
> }
> --
> 2.7.4
>
Eric points out this can leak kernel memory if size is less than length of src.
Powered by blists - more mailing lists