summaryrefslogtreecommitdiff
path: root/security/commoncap.c
diff options
context:
space:
mode:
authorArnd Bergmann <arnd@arndb.de>2018-02-02 16:18:37 +0100
committerDavid S. Miller <davem@davemloft.net>2018-02-02 19:32:05 -0500
commit1a91649fd35ff53a646981e212496f1ae92a8487 (patch)
tree4b6c485e427f644f578733e54c61b3c97619fa61 /security/commoncap.c
parent058a6c033488494a6b1477b05fe8e1a16e344462 (diff)
net: cxgb4: avoid memcpy beyond end of source buffer
Building with link-time-optimizations revealed that the cxgb4 driver does a fixed-size memcpy() from a variable-length constant string into the network interface name: In function 'memcpy', inlined from 'cfg_queues_uld.constprop' at drivers/net/ethernet/chelsio/cxgb4/cxgb4_uld.c:335:2, inlined from 'cxgb4_register_uld.constprop' at drivers/net/ethernet/chelsio/cxgb4/cxgb4_uld.c:719:9: include/linux/string.h:350:3: error: call to '__read_overflow2' declared with attribute error: detected read beyond size of object passed as 2nd parameter __read_overflow2(); ^ I can see two equally workable solutions: either we use a strncpy() instead of the memcpy() to stop at the end of the input, or we make the source buffer fixed length as well. This implements the latter. Signed-off-by: Arnd Bergmann <arnd@arndb.de> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'security/commoncap.c')
0 files changed, 0 insertions, 0 deletions