From: Derek Robson
> Sent: 02 February 2019 00:55
> 
> Found a bug with the source / dest length
> updated to have size limit as the size of dest not size of source.
> 
> Signed-off-by: Derek Robson <[email protected]>
> ---
>  arch/x86/ia32/ia32_aout.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/arch/x86/ia32/ia32_aout.c b/arch/x86/ia32/ia32_aout.c
> index f65b78d32f5e..1e7f71723ee0 100644
> --- a/arch/x86/ia32/ia32_aout.c
> +++ b/arch/x86/ia32/ia32_aout.c
> @@ -157,7 +157,7 @@ static int aout_core_dump(struct coredump_params *cprm)
>       fs = get_fs();
>       set_fs(KERNEL_DS);
>       has_dumped = 1;
> -     strncpy(dump.u_comm, current->comm, sizeof(current->comm));
> +     strncpy(dump.u_comm, current->comm, sizeof(dump.u_comm));
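
Review bot: the new bound on the `+` line, `sizeof(dump.u_comm)`, keeps the write inside the destination, but strncpy() still leaves `dump.u_comm` without a terminating '\0' whenever `current->comm` has no '\0' within that many bytes. The commit message also does not give the sizes of the two arrays. If they are equal this changes nothing; if the destination is the larger one, the copy can now read past the end of `current->comm` when it is not terminated. Please state both sizes in the changelog and say which overflow was actually observed. If `dump.u_comm` has to be a terminated string, use strscpy() or set the last byte explicitly after the copy.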

That can be right if the destination is guaranteed to be longer than
the source and the source might not be '\0' terminated
(and the target has been zeroed).

        David
