Re: [PATCH] of/device: Prevent buffer overflow in of_device_modalias()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Aug 23, 2017 at 8:04 PM, Bjorn Andersson
<bjorn.andersson@xxxxxxxxxx> wrote:
> As of_device_get_modalias() returns the number of bytes that would have
> been written to the target string, regardless of how much did fit in the
> buffer, it's possible that the returned index points beyond the buffer
> passed to of_device_modalias() - causing memory beyond the buffer to be
> null terminated.

I guess ibmebus and macio had this bug for some time because I just
copied those implementations.

Applying both patches. Thanks.

Rob



[Index of Archives]     [Linux Kernel]     [Kernel Development Newbies]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite Hiking]     [Linux Kernel]     [Linux SCSI]