Re: [PATCH 1/1] initramfs: strcpy destination string overflow
From: AmÃrico Wang
Date: Tue Oct 05 2010 - 07:40:22 EST
On Tue, Oct 05, 2010 at 12:44:17PM +0400, Evgeny Kuznetsov wrote:
>From: Evgeny Kuznetsov <ext-eugeny.kuznetsov@xxxxxxxxx>
>
>Function "strcpy()" is used without check for maximum allowed
>source string length and could cause destination string overflow.
>"strcpy()" is replaced by "strlcpy()" to prevent destination
>string overflow.
>
>Signed-off-by: Evgeny Kuznetsov <EXT-Eugeny.Kuznetsov@xxxxxxxxx>
Looks good to me,
Reviewed-by: WANG Cong <xiyou.wangcong@xxxxxxxxx>
>---
> init/initramfs.c | 2 +-
> 1 files changed, 1 insertions(+), 1 deletions(-)
>
>diff --git a/init/initramfs.c b/init/initramfs.c
>index 4b9c202..3e68568 100644
>--- a/init/initramfs.c
>+++ b/init/initramfs.c
>@@ -56,7 +56,7 @@ static char __init *find_link(int major, int minor, int ino,
> q->minor = minor;
> q->ino = ino;
> q->mode = mode;
>- strcpy(q->name, name);
>+ strlcpy(q->name, name, sizeof(q->name));
> q->next = NULL;
> *p = q;
> return NULL;
>--
>1.6.3.3
>
>--
>To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
>the body of a message to majordomo@xxxxxxxxxxxxxxx
>More majordomo info at http://vger.kernel.org/majordomo-info.html
>Please read the FAQ at http://www.tux.org/lkml/
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/