Google Git
Sign in
kernel / pub / scm / linux / kernel / git / stable / stable-queue / e09aa48ded607f1fb9e6521358da8f3c45cef15f / . / releases / 3.17.2 / mei-bus-fix-possible-boundaries-violation.patch
blob: 5bb5a7411c35b6529c4747e94ade5194f1399fc9 [file] [log] [blame]
From cfda2794b5afe7ce64ee9605c64bef0e56a48125 Mon Sep 17 00:00:00 2001
From: Alexander Usyskin <alexander.usyskin@intel.com>
Date: Mon, 25 Aug 2014 16:46:53 +0300
Subject: mei: bus: fix possible boundaries violation
From: Alexander Usyskin <alexander.usyskin@intel.com>
commit cfda2794b5afe7ce64ee9605c64bef0e56a48125 upstream.
function 'strncpy' will fill whole buffer 'id.name' of fixed size (32)
with string value and will not leave place for NULL-terminator.
Possible buffer boundaries violation in following string operations.
Replace strncpy with strlcpy.
Signed-off-by: Alexander Usyskin <alexander.usyskin@intel.com>
Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
drivers/misc/mei/bus.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- a/drivers/misc/mei/bus.c
+++ b/drivers/misc/mei/bus.c
@@ -70,7 +70,7 @@ static int mei_cl_device_probe(struct de
dev_dbg(dev, "Device probe\n");
- strncpy(id.name, dev_name(dev), sizeof(id.name));
+ strlcpy(id.name, dev_name(dev), sizeof(id.name));
return driver->probe(device, &id);
}