Received: by 2002:a25:868d:0:0:0:0:0 with SMTP id z13csp2906630ybk; Mon, 18 May 2020 10:49:04 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzCQMTmxVfzCN5MCZhZz2X/15HT3kIMGBlpVlnxcF8caorw8Aec5HKSagR2ahCMa6K8C5Nv X-Received: by 2002:a17:907:2649:: with SMTP id ar9mr15327572ejc.375.1589824143816; Mon, 18 May 2020 10:49:03 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1589824143; cv=none; d=google.com; s=arc-20160816; b=VUXs9RAp6GckPCTeUGks5yYwtegsx3tGOiLWKPCzZ+JLgP3OsQsflsqMsdf2yk72I8 k6f0AWdo/QxhwDKASHT9NTnBu/89pzqkv40ahBpY36SOv1R8L/HeRaQWSUY2pcQrGjrQ HBLJsQ56ZhcMBt4oyfAt15/sf3cnuQpkj+ioaxb6yltRhOePwIHM1qt8+mHbVgAO5H9H a3+DzhdqwrmVL2Yumn9ZSRTpFQpIMH5JPQ6TlB7BAGuAPLaRLqMVSW+TZhJtx7CIMhCk J1s35+I1+tBHI8IVhS1UffOqvrYtLOMSzRRQS62lU06GPK8iZ8ZZgGLPItvl4baOOROQ zC0w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=gEsQ1Wz5zsJdwbydehEt8hIJ2d9GWGGmDg0Oug1rBoA=; b=pnsyMq72wBjtNl6of/n9MYgUhah24KuboJfSX7l2G0V6AJcGc3o8SjoVQzQBpyhBaT uMtTRJqq8S3zh0yYDPJXTglwp/X/SmzQFf6D3N1SYL5lcKygEPFeJR9AEirSBepLR3aq +5jsCU+t99zVvPvvXnRQ8Q8tb5QVwiRqzMbzOQNnpydDBrQJ/9/vg4JhYp0dAH/OVwSQ l7Tnb35a6GFKLPZmlAJ+G+nttwHBiIKxMTDsdBmdHHYXK6ZayerFKiKLz9TIKN3KQS0Q 77GQxJ07wegFNpp6unH4szHoq2/H5ynfECmqAw7qWFl+vtkxZnZIqnndf4be8XRkxGSS yzYg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=QZWW0NQj; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id x24si7362269ejc.301.2020.05.18.10.48.40; Mon, 18 May 2020 10:49:03 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=QZWW0NQj; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729723AbgERRoU (ORCPT + 99 others); Mon, 18 May 2020 13:44:20 -0400 Received: from mail.kernel.org ([198.145.29.99]:42406 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728632AbgERRoQ (ORCPT ); Mon, 18 May 2020 13:44:16 -0400 Received: from localhost (83-86-89-107.cable.dynamic.v4.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 4D60E20715; Mon, 18 May 2020 17:44:15 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1589823855; bh=QO9TZvUO7IE6Ksg12DGblAXw8sMQrH5Vu4SkEHvgSEQ=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=QZWW0NQjPRsGmGZEIAIgP8l1KU5L8OUAEODQlXPyxK1v7n4r5eGEyJlt+GOGv+KbZ Tt0jkEFL9dgMRy2gub+mfkR+P8h2O9jEgt4qyFL7v2lPSuoNHZW+48E17OMNQ78yvw +GgtZ5XS4dKE7SUT2IxkbAZL5YOZWjfg833nCmlE= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Florian Fainelli , "David S. Miller" Subject: [PATCH 4.9 62/90] net: phy: micrel: Use strlcpy() for ethtool::get_strings Date: Mon, 18 May 2020 19:36:40 +0200 Message-Id: <20200518173503.737543425@linuxfoundation.org> X-Mailer: git-send-email 2.26.2 In-Reply-To: <20200518173450.930655662@linuxfoundation.org> References: <20200518173450.930655662@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Florian Fainelli commit 55f53567afe5f0cd2fd9e006b174c08c31c466f8 upstream. Our statistics strings are allocated at initialization without being bound to a specific size, yet, we would copy ETH_GSTRING_LEN bytes using memcpy() which would create out of bounds accesses, this was flagged by KASAN. Replace this with strlcpy() to make sure we are bound the source buffer size and we also always NUL-terminate strings. Fixes: 2b2427d06426 ("phy: micrel: Add ethtool statistics counters") Signed-off-by: Florian Fainelli Signed-off-by: David S. Miller Signed-off-by: Greg Kroah-Hartman --- drivers/net/phy/micrel.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) --- a/drivers/net/phy/micrel.c +++ b/drivers/net/phy/micrel.c @@ -677,8 +677,8 @@ static void kszphy_get_strings(struct ph int i; for (i = 0; i < ARRAY_SIZE(kszphy_hw_stats); i++) { - memcpy(data + i * ETH_GSTRING_LEN, - kszphy_hw_stats[i].string, ETH_GSTRING_LEN); + strlcpy(data + i * ETH_GSTRING_LEN, + kszphy_hw_stats[i].string, ETH_GSTRING_LEN); } }