drivers/video: fsl-diu-fb: fix potential memcpy buffer overflow bug It makes no sense to limit the size of a strncpy() to the length of the source string. Signed-off-by: Timur Tabi <timur@freescale.com> Signed-off-by: Florian Tobias Schandinat <FlorianSchandinat@gmx.de>

commit: ec02dd23dc423cf019f660a63ac9c9d54840a473 [log] [tgz]
author: Timur Tabi <timur@freescale.com> Thu Sep 15 16:44:54 2011 -0500
committer: Florian Tobias Schandinat <FlorianSchandinat@gmx.de> Sun Sep 18 20:08:57 2011 +0000
tree: 746c6f1e2284eebdad5d759983c3351b076045e9
parent: f8c6bf6ae677663adbf91b882755e3f757fb1669 [diff] [blame]
diff --git a/drivers/video/fsl-diu-fb.c b/drivers/video/fsl-diu-fb.c
index 19bfbf5..3776949 100644
--- a/drivers/video/fsl-diu-fb.c
+++ b/drivers/video/fsl-diu-fb.c

@@ -655,7 +655,7 @@
 	struct fb_var_screeninfo *var = &info->var;
 	struct mfb_info *mfbi = info->par;
 
-	strncpy(fix->id, mfbi->id, strlen(mfbi->id));
+	strncpy(fix->id, mfbi->id, sizeof(fix->id));
 	fix->line_length = var->xres_virtual * var->bits_per_pixel / 8;
 	fix->type = FB_TYPE_PACKED_PIXELS;
 	fix->accel = FB_ACCEL_NONE;
commit	ec02dd23dc423cf019f660a63ac9c9d54840a473	[log] [tgz]
author	Timur Tabi <timur@freescale.com>	Thu Sep 15 16:44:54 2011 -0500
committer	Florian Tobias Schandinat <FlorianSchandinat@gmx.de>	Sun Sep 18 20:08:57 2011 +0000
tree	746c6f1e2284eebdad5d759983c3351b076045e9
parent	f8c6bf6ae677663adbf91b882755e3f757fb1669 [diff] [blame]