summaryrefslogtreecommitdiffstats
path: root/include/linux/error-injection.h
diff options
context:
space:
mode:
authorSimon Horman <horms@kernel.org>2024-08-01 19:35:37 +0100
committerJakub Kicinski <kuba@kernel.org>2024-08-02 17:16:09 -0700
commit6555a2a9212be6983d2319d65276484f7c5f431a (patch)
tree10ca58110b9120458a19e0a7069c6bdfada5fae7 /include/linux/error-injection.h
parentb71441b7542d35d48b886b02d808e8544153adda (diff)
downloadlinux-stable-6555a2a9212be6983d2319d65276484f7c5f431a.tar.gz
linux-stable-6555a2a9212be6983d2319d65276484f7c5f431a.tar.bz2
linux-stable-6555a2a9212be6983d2319d65276484f7c5f431a.zip
tipc: guard against string buffer overrun
Smatch reports that copying media_name and if_name to name_parts may overwrite the destination. .../bearer.c:166 bearer_name_validate() error: strcpy() 'media_name' too large for 'name_parts->media_name' (32 vs 16) .../bearer.c:167 bearer_name_validate() error: strcpy() 'if_name' too large for 'name_parts->if_name' (1010102 vs 16) This does seem to be the case so guard against this possibility by using strscpy() and failing if truncation occurs. Introduced by commit b97bf3fd8f6a ("[TIPC] Initial merge") Compile tested only. Reviewed-by: Jakub Kicinski <kuba@kernel.org> Signed-off-by: Simon Horman <horms@kernel.org> Link: https://patch.msgid.link/20240801-tipic-overrun-v2-1-c5b869d1f074@kernel.org Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Diffstat (limited to 'include/linux/error-injection.h')
0 files changed, 0 insertions, 0 deletions