| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 07 Jan 2011 00:48:08 +0000 From: Ben Hutchings <bhutchings@...arflare.com> To: jeffrey.t.kirsher@...el.com Cc: davem@...emloft.net, Bruce Allan <bruce.w.allan@...el.com>, netdev@...r.kernel.org, gosp@...hat.com, bphilips@...ell.com Subject: Re: [net-next 03/12] e1000e: properly bounds-check string functions On Thu, 2011-01-06 at 16:29 -0800, jeffrey.t.kirsher@...el.com wrote: > From: Bruce Allan <bruce.w.allan@...el.com> > > Use string functions with bounds checking rather than their non-bounds > checking counterparts, and do not hard code these boundaries. [...] > --- a/drivers/net/e1000e/netdev.c > +++ b/drivers/net/e1000e/netdev.c [...] > @@ -5968,7 +5968,7 @@ static int __devinit e1000_probe(struct pci_dev *pdev, > if (!(adapter->flags & FLAG_HAS_AMT)) > e1000_get_hw_control(adapter); > > - strcpy(netdev->name, "eth%d"); > + strncpy(netdev->name, "eth%d", sizeof(netdev->name) - 1); > err = register_netdev(netdev); > if (err) > goto err_register; [...] This statement is actually redundant - alloc_etherdev() sets the name for you. Ben. -- Ben Hutchings, Senior Software Engineer, Solarflare Communications Not speaking for my employer; that's the marketing department's job. They asked us to note that Solarflare product names are trademarked. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists