* [PATCH] monitor/l2cap: Fix buffer overflow issue
@ 2014-12-15 13:59 Gowtham Anandha Babu
2014-12-16 12:31 ` Johan Hedberg
0 siblings, 1 reply; 2+ messages in thread
From: Gowtham Anandha Babu @ 2014-12-15 13:59 UTC (permalink / raw)
To: linux-bluetooth; +Cc: d.kasatkin, bharat.panda, cpgs, Gowtham Anandha Babu
String copy function overflows destination buffer.
strcat(str, "LinkKey ");
^~~~~~~~~~~~~~~~~~~~~~~
---
monitor/l2cap.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/monitor/l2cap.c b/monitor/l2cap.c
index 6d9b1ce..27341fd 100644
--- a/monitor/l2cap.c
+++ b/monitor/l2cap.c
@@ -2379,7 +2379,7 @@ static void print_smp_auth_req(uint8_t auth_req)
static void print_smp_key_dist(const char *label, uint8_t dist)
{
- char str[19];
+ char str[27];
if (!(dist & 0x07)) {
strcpy(str, "<none> ");
--
1.9.1
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH] monitor/l2cap: Fix buffer overflow issue
2014-12-15 13:59 [PATCH] monitor/l2cap: Fix buffer overflow issue Gowtham Anandha Babu
@ 2014-12-16 12:31 ` Johan Hedberg
0 siblings, 0 replies; 2+ messages in thread
From: Johan Hedberg @ 2014-12-16 12:31 UTC (permalink / raw)
To: Gowtham Anandha Babu; +Cc: linux-bluetooth, d.kasatkin, bharat.panda, cpgs
Hi Gowtham,
On Mon, Dec 15, 2014, Gowtham Anandha Babu wrote:
> String copy function overflows destination buffer.
> strcat(str, "LinkKey ");
> ^~~~~~~~~~~~~~~~~~~~~~~
> ---
> monitor/l2cap.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
Applied. Thanks.
Johan
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2014-12-16 12:31 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-12-15 13:59 [PATCH] monitor/l2cap: Fix buffer overflow issue Gowtham Anandha Babu
2014-12-16 12:31 ` Johan Hedberg
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).