Merge branch 'ensure-the-copied-buf-is-nul-terminated' - starfive-tech/linux.git - StarFive Tech Linux Kernel for VisionFive (JH7110) boards (mirror)

diff options

author	Jakub Kicinski <kuba@kernel.org>	2024-04-26 05:23:51 +0300
committer	Jakub Kicinski <kuba@kernel.org>	2024-04-26 05:23:51 +0300
commit	a5b1051ad5a7028a4a5a2f569f8caf3a56c7163c (patch)
tree	372ccd84a71818b0731f7ef829fbb527541f6d7f /net/nsh/nsh.c
parent	52afb15e9d9a021ab6eec923a087ec9f518cb713 (diff)
parent	f299ee709fb45036454ca11e90cb2810fe771878 (diff)
download	linux-a5b1051ad5a7028a4a5a2f569f8caf3a56c7163c.tar.xz

Merge branch 'ensure-the-copied-buf-is-nul-terminated'

Bui Quang Minh says: ==================== Ensure the copied buf is NUL terminated (part) I found that some drivers contains an out-of-bound read pattern like this kern_buf = memdup_user(user_buf, count); ... sscanf(kern_buf, ...); The sscanf can be replaced by some other string-related functions. This pattern can lead to out-of-bound read of kern_buf in string-related functions. This series fix the above issue by replacing memdup_user with memdup_user_nul. v1: https://lore.kernel.org/r/20240422-fix-oob-read-v1-0-e02854c30174@gmail.com ==================== Link: https://lore.kernel.org/r/20240424-fix-oob-read-v2-0-f1f1b53a10f4@gmail.com Signed-off-by: Jakub Kicinski <kuba@kernel.org>

Diffstat (limited to 'net/nsh/nsh.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: