提交 3690c8c9 编写于 作者: W Wang Xiayang 提交者: David S. Miller

net/ethernet/qlogic/qed: force the string buffer NULL-terminated

strncpy() does not ensure NULL-termination when the input string
size equals to the destination buffer size 30.
The output string is passed to qed_int_deassertion_aeu_bit()
which calls DP_INFO() and relies NULL-termination.

Use strlcpy instead. The other conditional branch above strncpy()
needs no fix as snprintf() ensures NULL-termination.

This issue is identified by a Coccinelle script.
Signed-off-by: NWang Xiayang <xywang.sjtu@sjtu.edu.cn>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>
上级 ea443e5e
......@@ -1093,7 +1093,7 @@ static int qed_int_deassertion(struct qed_hwfn *p_hwfn,
snprintf(bit_name, 30,
p_aeu->bit_name, num);
else
strncpy(bit_name,
strlcpy(bit_name,
p_aeu->bit_name, 30);
/* We now need to pass bitmask in its
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册