[PATCH] Staging: ath6kl: fix potential buffer overflow
Vipin Mehta
vmehta at atheros.com
Wed Dec 29 01:06:57 UTC 2010
On Tue, Dec 28, 2010 at 04:59:08PM -0800, Phillip Simbwa wrote:
> Off by one
>
> Signed-off-by: Phillip Simbwa <simbwa at gmail dot com>
>
>
> --- orig/drivers/staging/ath6kl/miscdrv/ar3kps/ar3kpsconfig.c 2010-12-19 15:52:56.764479706 +0300
> +++ devel/drivers/staging/ath6kl/miscdrv/ar3kps/ar3kpsconfig.c 2010-12-29 03:56:21.855890791 +0300
> @@ -360,8 +360,8 @@
> status = 1;
> goto complete;
> }
> - len = (firmware->size > MAX_BDADDR_FORMAT_LENGTH)? MAX_BDADDR_FORMAT_LENGTH: firmware->size;
> - memcpy(config_bdaddr, firmware->data,len);
> + len = min(firmware->size, MAX_BDADDR_FORMAT_LENGTH - 1);
> + memcpy(config_bdaddr, firmware->data, len);
> config_bdaddr[len] = '\0';
> write_bdaddr(hdev,config_bdaddr,BDADDR_TYPE_STRING);
> A_RELEASE_FIRMWARE(firmware);
LGTM.
More information about the devel
mailing list