drivers/video: fsl-diu-fb: fix potential memcpy buffer overflow bug
It makes no sense to limit the size of a strncpy() to the length of the source string. Signed-off-by: Timur Tabi <timur@freescale.com> Signed-off-by: Florian Tobias Schandinat <FlorianSchandinat@gmx.de>
This commit is contained in:
parent
f8c6bf6ae6
commit
ec02dd23dc
|
@ -655,7 +655,7 @@ static void set_fix(struct fb_info *info)
|
||||||
struct fb_var_screeninfo *var = &info->var;
|
struct fb_var_screeninfo *var = &info->var;
|
||||||
struct mfb_info *mfbi = info->par;
|
struct mfb_info *mfbi = info->par;
|
||||||
|
|
||||||
strncpy(fix->id, mfbi->id, strlen(mfbi->id));
|
strncpy(fix->id, mfbi->id, sizeof(fix->id));
|
||||||
fix->line_length = var->xres_virtual * var->bits_per_pixel / 8;
|
fix->line_length = var->xres_virtual * var->bits_per_pixel / 8;
|
||||||
fix->type = FB_TYPE_PACKED_PIXELS;
|
fix->type = FB_TYPE_PACKED_PIXELS;
|
||||||
fix->accel = FB_ACCEL_NONE;
|
fix->accel = FB_ACCEL_NONE;
|
||||||
|
|
Loading…
Reference in New Issue