Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.9 / 67a88e6390e52e42b72342a88fab458ada00ba28
commit67a88e6390e52e42b72342a88fab458ada00ba28[log] [tgz]
authorPeter Huewe <peterhuewe@gmx.de>Thu Feb 14 04:08:55 2013 +0100
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>Thu Feb 14 09:26:23 2013 -0800
tree23bec107be525564cd07f6b3cf6e3011f05324a6
parentfae7e4d39373305cf505d1f0871a4491897d56f9 [diff]
staging/rtl8192u/ieee80211: Fix buffer overflow in ieee80211_softmac_wx.c

Clang/scan-build complains about a possible buffer overflow in
ieee80211_wx_get_name:

.../staging/rtl8192u/ieee80211/ieee80211_softmac_wx.c:499:3:
warning: String copy function overflows destination buffer
	strcat(wrqu->name," link..");

.../staging/rtl8192u/ieee80211/ieee80211_softmac_wx.c:497:3:
warning: String copy function overflows destination buffer
	strcat(wrqu->name," linked");

The buffer wrqu->name is only IFNAMSIZ bytes big (currently 16),
so if we have a "802.11b/g/n linked" device we overrun the buffer by 3
bytes.

-> Use strlcopy / strlcat to populate the name.
This is done in a similar fashion in
staging/rtl8187se/ieee80211/ieee80211_softmac_wx.c

While at it cleaned some whitespace issues.

Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
1 file changed
tree: 23bec107be525564cd07f6b3cf6e3011f05324a6
  1. arch/
  2. block/
  3. crypto/
  4. Documentation/
  5. drivers/
  6. firmware/
  7. fs/
  8. include/
  9. init/
  10. ipc/
  11. kernel/
  12. lib/
  13. mm/
  14. net/
  15. samples/
  16. scripts/
  17. security/
  18. sound/
  19. tools/
  20. usr/
  21. virt/
  22. .gitignore
  23. .mailmap
  24. COPYING
  25. CREDITS
  26. Kbuild
  27. Kconfig
  28. MAINTAINERS
  29. Makefile
  30. README
  31. REPORTING-BUGS