From: Greg Kroah-Hartman Date: Sun, 17 May 2020 15:28:56 +0000 (+0200) Subject: 4.9-stable patches X-Git-Tag: v4.4.224~40 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=9cf59a0cb6dedc01ca071ec9fce05da50c33b993;p=thirdparty%2Fkernel%2Fstable-queue.git 4.9-stable patches added patches: net-phy-micrel-use-strlcpy-for-ethtool-get_strings.patch --- diff --git a/queue-4.9/net-phy-micrel-use-strlcpy-for-ethtool-get_strings.patch b/queue-4.9/net-phy-micrel-use-strlcpy-for-ethtool-get_strings.patch new file mode 100644 index 00000000000..6a4366319c7 --- /dev/null +++ b/queue-4.9/net-phy-micrel-use-strlcpy-for-ethtool-get_strings.patch @@ -0,0 +1,37 @@ +From 55f53567afe5f0cd2fd9e006b174c08c31c466f8 Mon Sep 17 00:00:00 2001 +From: Florian Fainelli +Date: Fri, 2 Mar 2018 15:08:38 -0800 +Subject: net: phy: micrel: Use strlcpy() for ethtool::get_strings + +From: Florian Fainelli + +commit 55f53567afe5f0cd2fd9e006b174c08c31c466f8 upstream. + +Our statistics strings are allocated at initialization without being +bound to a specific size, yet, we would copy ETH_GSTRING_LEN bytes using +memcpy() which would create out of bounds accesses, this was flagged by +KASAN. Replace this with strlcpy() to make sure we are bound the source +buffer size and we also always NUL-terminate strings. + +Fixes: 2b2427d06426 ("phy: micrel: Add ethtool statistics counters") +Signed-off-by: Florian Fainelli +Signed-off-by: David S. Miller +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/net/phy/micrel.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +--- a/drivers/net/phy/micrel.c ++++ b/drivers/net/phy/micrel.c +@@ -677,8 +677,8 @@ static void kszphy_get_strings(struct ph + int i; + + for (i = 0; i < ARRAY_SIZE(kszphy_hw_stats); i++) { +- memcpy(data + i * ETH_GSTRING_LEN, +- kszphy_hw_stats[i].string, ETH_GSTRING_LEN); ++ strlcpy(data + i * ETH_GSTRING_LEN, ++ kszphy_hw_stats[i].string, ETH_GSTRING_LEN); + } + } + diff --git a/queue-4.9/series b/queue-4.9/series index d90f0f14edf..b4cc7d65251 100644 --- a/queue-4.9/series +++ b/queue-4.9/series @@ -59,6 +59,7 @@ pnp-use-list_for_each_entry-instead-of-open-coding.patch gcc-10-warnings-fix-low-hanging-fruit.patch kbuild-compute-false-positive-wmaybe-uninitialized-cases-in-kconfig.patch stop-the-ad-hoc-games-with-wno-maybe-initialized.patch +net-phy-micrel-use-strlcpy-for-ethtool-get_strings.patch gcc-10-disable-zero-length-bounds-warning-for-now.patch gcc-10-disable-array-bounds-warning-for-now.patch gcc-10-disable-stringop-overflow-warning-for-now.patch