lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <87jz3hrnpg.wl-tiwai@suse.de>
Date: Wed, 06 Aug 2025 08:03:39 +0200
From: Takashi Iwai <tiwai@...e.de>
To: Thorsten Blum <thorsten.blum@...ux.dev>
Cc: Jaroslav Kysela <perex@...ex.cz>,
	Takashi Iwai <tiwai@...e.com>,
	Sakari Ailus <sakari.ailus@...ux.intel.com>,
	Joe Perches <joe@...ches.com>,
	Mark Brown <broonie@...nel.org>,
	stable@...r.kernel.org,
	Takashi Iwai <tiwai@...e.de>,
	linux-sound@...r.kernel.org,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2] ALSA: intel_hdmi: Fix off-by-one error in __hdmi_lpe_audio_probe()

On Wed, 06 Aug 2025 01:41:53 +0200,
Thorsten Blum wrote:
> 
> In __hdmi_lpe_audio_probe(), strscpy() is incorrectly called with the
> length of the source string (excluding the NUL terminator) rather than
> the size of the destination buffer. This results in one character less
> being copied from 'card->shortname' to 'pcm->name'.
> 
> Use the destination buffer size instead to ensure the card name is
> copied correctly.
> 
> Cc: stable@...r.kernel.org
> Fixes: 75b1a8f9d62e ("ALSA: Convert strlcpy to strscpy when return value is unused")
> Signed-off-by: Thorsten Blum <thorsten.blum@...ux.dev>
> ---
> Changes in v2:
> - Use three parameter variant of strscpy() for backporting as suggested
>   by Sakari Ailus <sakari.ailus@...ux.intel.com>
> - Link to v1: https://lore.kernel.org/lkml/20250805190809.31150-1-thorsten.blum@linux.dev/

Applied now.  Thanks.


Takashi

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ