| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CACKFLi=6s-mpTiD4KwJPjFexCdVC6aiKSexhY4wr43ouTWKzXg@mail.gmail.com>
Date: Mon, 13 Aug 2018 14:47:50 -0700
From: Michael Chan <michael.chan@...adcom.com>
To: Arnd Bergmann <arnd@...db.de>
Cc: "David S. Miller" <davem@...emloft.net>,
Vasundhara Volam <vasundhara-v.volam@...adcom.com>,
Scott Branden <scott.branden@...adcom.com>,
Andy Gospodarek <gospo@...adcom.com>,
Netdev <netdev@...r.kernel.org>,
open list <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] bnxt_en: avoid string overflow for record->system_name
On Mon, Aug 13, 2018 at 2:26 PM, Arnd Bergmann <arnd@...db.de> wrote:
> The utsname()->nodename string may be 64 bytes long, and it gets
> copied without the trailing nul byte into the shorter record->system_name,
> as gcc now warns:
>
> In file included from include/linux/bitmap.h:9,
> from include/linux/ethtool.h:16,
> from drivers/net/ethernet/broadcom/bnxt/bnxt_ethtool.c:13:
> In function 'strncpy',
> inlined from 'bnxt_fill_coredump_record' at drivers/net/ethernet/broadcom/bnxt/bnxt_ethtool.c:2863:2:
> include/linux/string.h:254:9: error: '__builtin_strncpy' output truncated before terminating nul copying as many bytes from a string as its length [-Werror=stringop-truncation]
>
> Using strlcpy() at least avoids overflowing the destination buffer
> and adds proper nul-termination. It may still truncate long names
> though, which probably can't be solved here.
>
> Fixes: 6c5657d085ae ("bnxt_en: Add support for ethtool get dump.")
> Signed-off-by: Arnd Bergmann <arnd@...db.de>
Thanks.
Acked-by: Michael Chan <michael.chan@...adcom.com>
Powered by blists - more mailing lists