* [PATCH 09/13] drivers/video: fsl-diu-fb: fix potential memcpy buffer overflow bug
@ 2011-09-15 21:44 Timur Tabi
0 siblings, 0 replies; only message in thread
From: Timur Tabi @ 2011-09-15 21:44 UTC (permalink / raw)
To: linux-fbdev
It makes no sense to limit the size of a strncpy() to the length of
the source string.
Signed-off-by: Timur Tabi <timur@freescale.com>
---
drivers/video/fsl-diu-fb.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/drivers/video/fsl-diu-fb.c b/drivers/video/fsl-diu-fb.c
index 19bfbf5..3776949 100644
--- a/drivers/video/fsl-diu-fb.c
+++ b/drivers/video/fsl-diu-fb.c
@@ -655,7 +655,7 @@ static void set_fix(struct fb_info *info)
struct fb_var_screeninfo *var = &info->var;
struct mfb_info *mfbi = info->par;
- strncpy(fix->id, mfbi->id, strlen(mfbi->id));
+ strncpy(fix->id, mfbi->id, sizeof(fix->id));
fix->line_length = var->xres_virtual * var->bits_per_pixel / 8;
fix->type = FB_TYPE_PACKED_PIXELS;
fix->accel = FB_ACCEL_NONE;
--
1.7.3.4
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2011-09-15 21:44 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2011-09-15 21:44 [PATCH 09/13] drivers/video: fsl-diu-fb: fix potential memcpy buffer overflow bug Timur Tabi
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).