strcpy() performs no bounds checking on the destination buffer. This
could result in linear overflows beyond the end of the buffer, leading
to all kinds of misbehaviors.[1]
[1]: https://www.kernel.org/doc/html/latest/process/deprecated.html#strcpy
Signed-off-by: Zhang Heng <zhangheng@xxxxxxxxxx>
---
sound/soc/codecs/tas2781-i2c.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/sound/soc/codecs/tas2781-i2c.c b/sound/soc/codecs/tas2781-i2c.c
index fb8cd2284fe8..03d07ab8b41a 100644
--- a/sound/soc/codecs/tas2781-i2c.c
+++ b/sound/soc/codecs/tas2781-i2c.c
@@ -1658,7 +1658,7 @@ static void tasdevice_parse_dt(struct tasdevice_priv *tas_priv)
dev_err(tas_priv->dev, "%s Can't get reset GPIO\n",
__func__);
- strcpy(tas_priv->dev_name, tasdevice_id[tas_priv->chip_id].name);
+ strscpy(tas_priv->dev_name, tasdevice_id[tas_priv->chip_id].name);
}
static int tasdevice_i2c_probe(struct i2c_client *i2c)
--
2.45.2
[Index of Archives]
[Pulseaudio]
[Linux Audio Users]
[ALSA Devel]
[Fedora Desktop]
[Fedora SELinux]
[Big List of Linux Books]
[Yosemite News]
[KDE Users]
