From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.8 required=3.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED, DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SIGNED_OFF_BY, SPF_HELO_NONE,SPF_PASS,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 3C490C433DF for ; Mon, 18 May 2020 17:44:22 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 15C9F20657 for ; Mon, 18 May 2020 17:44:22 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1589823862; bh=QO9TZvUO7IE6Ksg12DGblAXw8sMQrH5Vu4SkEHvgSEQ=; h=From:To:Cc:Subject:Date:In-Reply-To:References:List-ID:From; b=yJrFi8nhePpqRLbmSAQnfBU3JkKhqsaMXoqPZtDgfC8ambeOGDMjkqw6Jv+aWj8rP 3OYJvsMBJBJ8w+QbfQ1V+h8kCui5RNZyOjzOpECCCj//yvBs599lzXcLkasCpZhCcu AYFUnYVPYGvBC2NP4cm2tw/DA+MKEudRC7l7Wc8A= Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729732AbgERRoV (ORCPT ); Mon, 18 May 2020 13:44:21 -0400 Received: from mail.kernel.org ([198.145.29.99]:42406 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728632AbgERRoQ (ORCPT ); Mon, 18 May 2020 13:44:16 -0400 Received: from localhost (83-86-89-107.cable.dynamic.v4.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 4D60E20715; Mon, 18 May 2020 17:44:15 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1589823855; bh=QO9TZvUO7IE6Ksg12DGblAXw8sMQrH5Vu4SkEHvgSEQ=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=QZWW0NQjPRsGmGZEIAIgP8l1KU5L8OUAEODQlXPyxK1v7n4r5eGEyJlt+GOGv+KbZ Tt0jkEFL9dgMRy2gub+mfkR+P8h2O9jEgt4qyFL7v2lPSuoNHZW+48E17OMNQ78yvw +GgtZ5XS4dKE7SUT2IxkbAZL5YOZWjfg833nCmlE= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Florian Fainelli , "David S. Miller" Subject: [PATCH 4.9 62/90] net: phy: micrel: Use strlcpy() for ethtool::get_strings Date: Mon, 18 May 2020 19:36:40 +0200 Message-Id: <20200518173503.737543425@linuxfoundation.org> X-Mailer: git-send-email 2.26.2 In-Reply-To: <20200518173450.930655662@linuxfoundation.org> References: <20200518173450.930655662@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Florian Fainelli commit 55f53567afe5f0cd2fd9e006b174c08c31c466f8 upstream. Our statistics strings are allocated at initialization without being bound to a specific size, yet, we would copy ETH_GSTRING_LEN bytes using memcpy() which would create out of bounds accesses, this was flagged by KASAN. Replace this with strlcpy() to make sure we are bound the source buffer size and we also always NUL-terminate strings. Fixes: 2b2427d06426 ("phy: micrel: Add ethtool statistics counters") Signed-off-by: Florian Fainelli Signed-off-by: David S. Miller Signed-off-by: Greg Kroah-Hartman --- drivers/net/phy/micrel.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) --- a/drivers/net/phy/micrel.c +++ b/drivers/net/phy/micrel.c @@ -677,8 +677,8 @@ static void kszphy_get_strings(struct ph int i; for (i = 0; i < ARRAY_SIZE(kszphy_hw_stats); i++) { - memcpy(data + i * ETH_GSTRING_LEN, - kszphy_hw_stats[i].string, ETH_GSTRING_LEN); + strlcpy(data + i * ETH_GSTRING_LEN, + kszphy_hw_stats[i].string, ETH_GSTRING_LEN); } }