From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <stable-owner@vger.kernel.org>
Received: from mail.kernel.org ([198.145.29.99]:54780 "EHLO mail.kernel.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1726020AbeKRAyK (ORCPT <rfc822;stable@vger.kernel.org>);
        Sat, 17 Nov 2018 19:54:10 -0500
Date: Sat, 17 Nov 2018 09:37:12 -0500
From: Sasha Levin <sashal@kernel.org>
To: Loic <hackurx@opensec.fr>
Cc: stable@vger.kernel.org, danielmicay@gmail.com,
        keescook@chromium.org, davem@davemloft.net
Subject: Re: [PATCH] bna: ethtool: Avoid reading past end of buffer
Message-ID: <20181117143712.GN1706@sasha-vm>
References: <20181109135257.f7e5d75d717c40381c9f3ed8@opensec.fr>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Disposition: inline
In-Reply-To: <20181109135257.f7e5d75d717c40381c9f3ed8@opensec.fr>
Sender: stable-owner@vger.kernel.org
List-ID: <stable.vger.kernel.org>

On Fri, Nov 09, 2018 at 01:52:57PM +0100, Loic wrote:
>Hello,
>
>Please picked up this patch for linux 4.4 and 4.9.
>Compiled/tested without problem.
>
>Thank.
>
>[ Upstream commit 4dc69c1c1fff2f587f8e737e70b4a4e7565a5c94 ]
>
>From: Kees Cook <keescook@chromium.org>
>Date: Fri, 5 May 2017 15:30:23 -0700
>Subject: [PATCH] bna: ethtool: Avoid reading past end of buffer
>
>Using memcpy() from a string that is shorter than the length copied means
>the destination buffer is being filled with arbitrary data from the kernel
>rodata segment. Instead, use strncpy() which will fill the trailing bytes
>with zeros.
>
>This was found with the future CONFIG_FORTIFY_SOURCE feature.
>
>Cc: Daniel Micay <danielmicay@gmail.com>
>Signed-off-by: Kees Cook <keescook@chromium.org>
>Signed-off-by: David S. Miller <davem@davemloft.net>

Queued for 4.9 and 4.4, thank you.

--
Thanks,
Sasha