mirror of
https://github.com/torvalds/linux.git
synced 2024-12-29 06:12:08 +00:00
caif: add a sanity check to the tty name
"tty->name" and "name" are a 64 character buffers. My static checker complains because we add the "cf" on the front so it look like we are copying a 66 character string into a 64 character buffer. Also if the name is larger than IFNAMSIZ (16) it triggers a BUG_ON() inside the call to alloc_netdev(). This is all under CAP_SYS_ADMIN so it's not a security fix, it just adds a little robustness. Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
parent
0b536be7b9
commit
cab6ce9ebe
@ -347,7 +347,9 @@ static int ldisc_open(struct tty_struct *tty)
|
||||
/* release devices to avoid name collision */
|
||||
ser_release(NULL);
|
||||
|
||||
sprintf(name, "cf%s", tty->name);
|
||||
result = snprintf(name, sizeof(name), "cf%s", tty->name);
|
||||
if (result >= IFNAMSIZ)
|
||||
return -EINVAL;
|
||||
dev = alloc_netdev(sizeof(*ser), name, caifdev_setup);
|
||||
if (!dev)
|
||||
return -ENOMEM;
|
||||
|
Loading…
Reference in New Issue
Block a user