| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aYMWrfvxLALsy8-l@stanley.mountain>
Date: Wed, 4 Feb 2026 12:51:41 +0300
From: Dan Carpenter <dan.carpenter@...aro.org>
To: Artem Lytkin <iprintercanon@...il.com>
Cc: Sudip Mukherjee <sudipm.mukherjee@...il.com>,
Teddy Wang <teddy.wang@...iconmotion.com>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
linux-fbdev@...r.kernel.org, linux-staging@...ts.linux.dev,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH 1/4] staging: sm750fb: replace strcat() with memcpy() in
lynxfb_setup()
On Tue, Feb 03, 2026 at 11:07:55PM +0000, Artem Lytkin wrote:
> Replace deprecated strcat() with memcpy() in option parsing. The
> destination buffer is allocated with kzalloc (zero-filled) and the
> write position is tracked via pointer, making the null-terminator
> scan in strcat() redundant and potentially unsafe.
>
> Signed-off-by: Artem Lytkin <iprintercanon@...il.com>
> ---
> drivers/staging/sm750fb/sm750.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/staging/sm750fb/sm750.c b/drivers/staging/sm750fb/sm750.c
> index fecd7457e..4c6e84c03 100644
> --- a/drivers/staging/sm750fb/sm750.c
> +++ b/drivers/staging/sm750fb/sm750.c
> @@ -1163,7 +1163,7 @@ static int __init lynxfb_setup(char *options)
> } else if (!strncmp(opt, "dual", strlen("dual"))) {
> g_dualview = 1;
> } else {
> - strcat(tmp, opt);
> + memcpy(tmp, opt, strlen(opt));
This has exactly the same security issues as the original code.
regards,
dan carpenter
> tmp += strlen(opt);
> if (options)
> *tmp++ = ':';
> --
> 2.43.0
>
Powered by blists - more mailing lists