Google Git
Sign in
linux / linux / kernel / git / zohar / linux-integrity / cd22874fec8fbecd4999b55e67baf3d71775f6f3
commitcd22874fec8fbecd4999b55e67baf3d71775f6f3[log] [tgz]
authorKees Cook <keescook@chromium.org>Fri May 05 15:42:55 2017 -0700
committerMartin K. Petersen <martin.petersen@oracle.com>Mon May 08 22:07:48 2017 -0400
tree0e02757aef2592f535c754271fd7b441d9056dee
parent0d2fc3b48ba0e267962c861c5258564c335dd1f2 [diff]
scsi: qedf: Avoid reading past end of buffer

Using memcpy() from a string that is shorter than the length copied
means the destination buffer is being filled with arbitrary data from
the kernel rodata segment. Instead, use strncpy() which will fill the
trailing bytes with zeros.

This was found with the future CONFIG_FORTIFY_SOURCE feature.

Cc: Daniel Micay <danielmicay@gmail.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
Acked-by: Chad Dupuis <chad.dupuis@cavium.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
1 file changed
tree: 0e02757aef2592f535c754271fd7b441d9056dee
  1. arch/
  2. block/
  3. certs/
  4. crypto/
  5. Documentation/
  6. drivers/
  7. firmware/
  8. fs/
  9. include/
  10. init/
  11. ipc/
  12. kernel/
  13. lib/
  14. mm/
  15. net/
  16. samples/
  17. scripts/
  18. security/
  19. sound/
  20. tools/
  21. usr/
  22. virt/
  23. .cocciconfig
  24. .get_maintainer.ignore
  25. .gitattributes
  26. .gitignore
  27. .mailmap
  28. COPYING
  29. CREDITS
  30. Kbuild
  31. Kconfig
  32. MAINTAINERS
  33. Makefile
  34. README