lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <1558429940-8709-1-git-send-email-neojou@gmail.com>
Date:   Tue, 21 May 2019 17:12:20 +0800
From:   neojou@...il.com
To:     arend.vanspriel@...adcom.com, franky.lin@...adcom.com,
        hante.meuleman@...adcom.com, chi-hsien.lin@...ress.com,
        wright.feng@...ress.com, kvalo@...eaurora.org, davem@...emloft.net,
        rafal@...ecki.pl, hdegoedg@...hat.com,
        p.figiel@...lintechnologies.com
Cc:     linux-wireless@...r.kernel.org,
        brcm80211-dev-list.pdl@...odcom.com,
        brcm80211-dev-list@...ress.com, netdev@...r.kernel.org,
        linux-kernel@...r.kernel.org, Neo Jou <neojou@...il.com>
Subject: [PATCH] brcmfmac: use strlcpy() instead of strcpy()

From: Neo Jou <neojou@...il.com>

The function strcpy() is inherently not safe. Though the function
works without problems here, it would be better to use other safer
function, e.g. strlcpy(), to replace strcpy() still.

Signed-off-by: Neo Jou <neojou@...il.com>
---
 drivers/net/wireless/broadcom/brcm80211/brcmfmac/common.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/common.c b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/common.c
index 96b8d5b..9e0bd2b 100644
--- a/drivers/net/wireless/broadcom/brcm80211/brcmfmac/common.c
+++ b/drivers/net/wireless/broadcom/brcm80211/brcmfmac/common.c
@@ -269,7 +269,7 @@ int brcmf_c_preinit_dcmds(struct brcmf_if *ifp)
 
 	/* query for 'ver' to get version info from firmware */
 	memset(buf, 0, sizeof(buf));
-	strcpy(buf, "ver");
+	strlcpy(buf, "ver", sizeof(buf));
 	err = brcmf_fil_iovar_data_get(ifp, "ver", buf, sizeof(buf));
 	if (err < 0) {
 		bphy_err(drvr, "Retrieving version information failed, %d\n",
-- 
2.7.4

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ