lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <1547878852-22081-1-git-send-email-laoar.shao@gmail.com>
Date:   Sat, 19 Jan 2019 14:20:52 +0800
From:   Yafang Shao <laoar.shao@...il.com>
To:     ast@...nel.org, daniel@...earbox.net
Cc:     netdev@...r.kernel.org, shaoyafang@...iglobal.com,
        Yafang Shao <laoar.shao@...il.com>
Subject: [PATCH bpf-next] bpf: use the proper optlen when doing strncpy in bpf_getsockopt()

As the last character of optval will be set with 0, so just copying
(optlen - 1) characters is enough.

Signed-off-by: Yafang Shao <laoar.shao@...il.com>
---
 net/core/filter.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/net/core/filter.c b/net/core/filter.c
index 447dd1b..7a4de22 100644
--- a/net/core/filter.c
+++ b/net/core/filter.c
@@ -4262,7 +4262,7 @@ static unsigned long bpf_xdp_copy(void *dst_buff, const void *src_buff,
 
 			if (!icsk->icsk_ca_ops || optlen <= 1)
 				goto err_clear;
-			strncpy(optval, icsk->icsk_ca_ops->name, optlen);
+			strncpy(optval, icsk->icsk_ca_ops->name, optlen - 1);
 			optval[optlen - 1] = 0;
 			break;
 		case TCP_SAVED_SYN:
-- 
1.8.3.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ