Re: [PATCH] scsi: qedf: Avoid reading past end of buffer

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: Kees Cook <keescook@xxxxxxxxxxxx>
Subject: Re: [PATCH] scsi: qedf: Avoid reading past end of buffer
From: "Martin K. Petersen" <martin.petersen@xxxxxxxxxx>
Date: Mon, 08 May 2017 22:08:44 -0400
Cc: linux-scsi@xxxxxxxxxxxxxxx, QLogic-Storage-Upstream@xxxxxxxxxx, "James E.J. Bottomley" <jejb@xxxxxxxxxxxxxxxxxx>, "Martin K. Petersen" <martin.petersen@xxxxxxxxxx>, linux-kernel@xxxxxxxxxxxxxxx, Daniel Micay <danielmicay@xxxxxxxxx>
In-reply-to: <20170505224255.GA21521@beast> (Kees Cook's message of "Fri, 5 May 2017 15:42:55 -0700")
Organization: Oracle Corporation
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/25.2 (gnu/linux)

Kees,

> Using memcpy() from a string that is shorter than the length copied
> means the destination buffer is being filled with arbitrary data from
> the kernel rodata segment. Instead, use strncpy() which will fill the
> trailing bytes with zeros.

Applied to 4.12/scsi-fixes, thanks!

-- 
Martin K. Petersen	Oracle Linux Engineering

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

References:
- [PATCH] scsi: qedf: Avoid reading past end of buffer
  - From: Kees Cook

Prev by Date: Re: remove REQ_OP_WRITE_SAME
Next by Date: Re: [PATCH] cxlflash: Select IRQ_POLL
Previous by thread: Re: [PATCH] scsi: qedf: Avoid reading past end of buffer
Next by thread: Re: [PATCH 1/4] blk-mq: introduce BLK_MQ_F_SCHED_USE_HW_TAG
Index(es):
- Date
- Thread

[Index of Archives] [SCSI Target Devel] [Linux SCSI Target Infrastructure] [Kernel Newbies] [IDE] [Security] [Git] [Netfilter] [Bugtraq] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Linux ATA RAID] [Linux IIO] [Samba] [Device Mapper]

Powered by Linux