Breno,
> Currently an open firmware property is copied into partition_name
> variable without keeping a room for \0.
>
> Later one, this variable (partition_name), which is 97 bytes long, is
> strncpyed into ibmvcsci_host_data->madapter_info->partition_name,
> which is 96 bytes long, possibly
On 06/26/2018 01:35 PM, Breno Leitao wrote:
The subject line should have been updated to [PATCH v2] to clue recipients to
the fact that this is an updated version and not a resend or accidental
duplicate send.
> Currently an open firmware property is copied into partition_name variable
>
Currently an open firmware property is copied into partition_name variable
without keeping a room for \0.
Later one, this variable (partition_name), which is 97 bytes long, is
strncpyed into ibmvcsci_host_data->madapter_info->partition_name, which
is 96 bytes long, possibly truncating it 'again'
On 06/26/18 12:10, Breno Leitao wrote:
if (ppartition_name)
strncpy(partition_name, ppartition_name,
- sizeof(partition_name));
+ sizeof(partition_name) - 1);
Please use strlcpy() instead of trying to emulate
Currently an open firmware property is copied into partition_name variable
without keeping a room for \0.
Later one, this variable (partition_name), which is 97 bytes long, is
strncpyed into ibmvcsci_host_data->madapter_info->partition_name, which
is 96 bytes long, possibly truncating it 'again'
5 matches
Mail list logo
