On Tue, 2014-09-02 at 17:49 -0400, Joern Engel wrote: > last_intr_fail_name is a fixed-size array and could theoretically > overflow. In reality intrname->value doesn't seem to depend on > untrusted input or be anywhere near 224 characters, so the overflow is > pretty theoretical. But strlcpy is cheap enough. Found by coverity. > > Signed-off-by: Joern Engel <joern@xxxxxxxxx> > --- > drivers/target/iscsi/iscsi_target_util.c | 5 +++-- > 1 file changed, 3 insertions(+), 2 deletions(-) > > diff --git a/drivers/target/iscsi/iscsi_target_util.c b/drivers/target/iscsi/iscsi_target_util.c > index fd90b28f1d94..5d611d7ba282 100644 > --- a/drivers/target/iscsi/iscsi_target_util.c > +++ b/drivers/target/iscsi/iscsi_target_util.c > @@ -1479,8 +1479,9 @@ void iscsit_collect_login_stats( > if (conn->param_list) > intrname = iscsi_find_param_from_key(INITIATORNAME, > conn->param_list); > - strcpy(ls->last_intr_fail_name, > - (intrname ? intrname->value : "Unknown")); > + strlcpy(ls->last_intr_fail_name, > + (intrname ? intrname->value : "Unknown"), > + sizeof(ls->last_intr_fail_name)); > > ls->last_intr_fail_ip_family = conn->login_family; > Applied to target-pending/for-next. -- To unsubscribe from this list: send the line "unsubscribe target-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
