git.ipfire.org Git - thirdparty/kernel/linux.git/commit

author	Simon Horman <horms@kernel.org>
	Thu, 1 Aug 2024 18:35:37 +0000 (19:35 +0100)
committer	Jakub Kicinski <kuba@kernel.org>
	Sat, 3 Aug 2024 00:16:09 +0000 (17:16 -0700)
commit	6555a2a9212be6983d2319d65276484f7c5f431a
tree	10ca58110b9120458a19e0a7069c6bdfada5fae7	tree
parent	b71441b7542d35d48b886b02d808e8544153adda	commit \| diff

tipc: guard against string buffer overrun

Smatch reports that copying media_name and if_name to name_parts may
overwrite the destination.

.../bearer.c:166 bearer_name_validate() error: strcpy() 'media_name' too large for 'name_parts->media_name' (32 vs 16)
.../bearer.c:167 bearer_name_validate() error: strcpy() 'if_name' too large for 'name_parts->if_name' (1010102 vs 16)

This does seem to be the case so guard against this possibility by using
strscpy() and failing if truncation occurs.

Introduced by commit b97bf3fd8f6a ("[TIPC] Initial merge")

Compile tested only.

Reviewed-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: Simon Horman <horms@kernel.org>
Link: https://patch.msgid.link/20240801-tipic-overrun-v2-1-c5b869d1f074@kernel.org
Signed-off-by: Jakub Kicinski <kuba@kernel.org>