Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit cd22874f authored by Kees Cook's avatar Kees Cook Committed by Martin K. Petersen
Browse files

scsi: qedf: Avoid reading past end of buffer 



Using memcpy() from a string that is shorter than the length copied
means the destination buffer is being filled with arbitrary data from
the kernel rodata segment. Instead, use strncpy() which will fill the
trailing bytes with zeros.

This was found with the future CONFIG_FORTIFY_SOURCE feature.

Cc: Daniel Micay <danielmicay@gmail.com>
Signed-off-by: default avatarKees Cook <keescook@chromium.org>
Acked-by: default avatarChad Dupuis <chad.dupuis@cavium.com>
Signed-off-by: default avatarMartin K. Petersen <martin.petersen@oracle.com>
parent 0d2fc3b4
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment