--- /dev/null
+From 55f53567afe5f0cd2fd9e006b174c08c31c466f8 Mon Sep 17 00:00:00 2001
+From: Florian Fainelli <f.fainelli@gmail.com>
+Date: Fri, 2 Mar 2018 15:08:38 -0800
+Subject: net: phy: micrel: Use strlcpy() for ethtool::get_strings
+
+From: Florian Fainelli <f.fainelli@gmail.com>
+
+commit 55f53567afe5f0cd2fd9e006b174c08c31c466f8 upstream.
+
+Our statistics strings are allocated at initialization without being
+bound to a specific size, yet, we would copy ETH_GSTRING_LEN bytes using
+memcpy() which would create out of bounds accesses, this was flagged by
+KASAN. Replace this with strlcpy() to make sure we are bound the source
+buffer size and we also always NUL-terminate strings.
+
+Fixes: 2b2427d06426 ("phy: micrel: Add ethtool statistics counters")
+Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ drivers/net/phy/micrel.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+--- a/drivers/net/phy/micrel.c
++++ b/drivers/net/phy/micrel.c
+@@ -677,8 +677,8 @@ static void kszphy_get_strings(struct ph
+ int i;
+
+ for (i = 0; i < ARRAY_SIZE(kszphy_hw_stats); i++) {
+- memcpy(data + i * ETH_GSTRING_LEN,
+- kszphy_hw_stats[i].string, ETH_GSTRING_LEN);
++ strlcpy(data + i * ETH_GSTRING_LEN,
++ kszphy_hw_stats[i].string, ETH_GSTRING_LEN);
+ }
+ }
+
gcc-10-warnings-fix-low-hanging-fruit.patch
kbuild-compute-false-positive-wmaybe-uninitialized-cases-in-kconfig.patch
stop-the-ad-hoc-games-with-wno-maybe-initialized.patch
+net-phy-micrel-use-strlcpy-for-ethtool-get_strings.patch
gcc-10-disable-zero-length-bounds-warning-for-now.patch
gcc-10-disable-array-bounds-warning-for-now.patch
gcc-10-disable-stringop-overflow-warning-for-now.patch
projects / thirdparty / kernel / stable-queue.git / commitdiff
