OpenE2K
/
linux
6
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
linux/net/irda
History
Chen Gang ff0102ee10 net: irda: using kzalloc() instead of kmalloc() to avoid strncpy() issue. 
'discovery->data.info' length is 22, NICKNAME_MAX_LEN is 21, so the
strncpy() will always left the last byte of 'discovery->data.info'
uninitialized.

When 'text' length is longer than 21 (NICKNAME_MAX_LEN), if still left
the last byte of 'discovery->data.info' uninitialized, the next
strlen() will cause issue.

Also 'discovery->data' is 'struct irda_device_info' which defined in
"include/uapi/...", it may copy to user mode, so need whole initialized.

All together, need use kzalloc() instead of kmalloc() to initialize all
members firstly.

Signed-off-by: Chen Gang <gang.chen@asianux.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
 		2013-05-19 15:10:47 -07:00
..
ircomm Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2013-05-01 14:08:52 -07:00
irlan
irnet irda: buffer overflow in irnet_ctrl_read() 2013-01-27 20:38:19 -05:00
Kconfig
Makefile
af_irda.c irda: use GFP_KERNEL in irda_connect_response() 2013-04-08 12:09:18 -04:00
discovery.c
irda_device.c
iriap.c irda: small read past the end of array in debug code 2013-04-19 17:32:31 -04:00
iriap_event.c
irias_object.c
irlap.c
irlap_event.c
irlap_frame.c net: irda: using kzalloc() instead of kmalloc() to avoid strncpy() issue. 2013-05-19 15:10:47 -07:00
irlmp.c irda: irlmp_reasons[] can be static 2013-04-25 01:42:06 -04:00
irlmp_event.c
irlmp_frame.c
irmod.c
irnetlink.c
irproc.c
irqueue.c
irsysctl.c
irttp.c irda: irttp: fix memory leak in irttp_open_tsap() error path 2012-11-28 11:25:29 -05:00
parameters.c
qos.c
timer.c treewide: Replace incomming with incoming in all comments and strings 2013-01-03 16:15:49 +01:00
wrapper.c