Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S933531Ab1C3VHz (ORCPT ); Wed, 30 Mar 2011 17:07:55 -0400 Received: from mga09.intel.com ([134.134.136.24]:61735 "EHLO mga09.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S933516Ab1C3VHx (ORCPT ); Wed, 30 Mar 2011 17:07:53 -0400 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="4.63,270,1299484800"; d="scan'208";a="621237423" From: Andi Kleen References: <20110330203.501921634@firstfloor.org> In-Reply-To: <20110330203.501921634@firstfloor.org> To: tiwai@suse.de, gregkh@suse.de, ak@linux.intel.com, linux-kernel@vger.kernel.org, stable@kernel.org, tim.bird@am.sony.com Subject: [PATCH] [131/275] ALSA: caiaq - Fix possible string-buffer overflow Message-Id: <20110330210611.A08683E1A05@tassilo.jf.intel.com> Date: Wed, 30 Mar 2011 14:06:11 -0700 (PDT) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1943 Lines: 51 2.6.35-longterm review patch. If anyone has any objections, please let me know. ------------------ From: Takashi Iwai commit eaae55dac6b64c0616046436b294e69fc5311581 upstream. Use strlcpy() to assure not to overflow the string array sizes by too long USB device name string. Reported-by: Rafa Signed-off-by: Takashi Iwai Signed-off-by: Greg Kroah-Hartman Signed-off-by: Andi Kleen --- sound/usb/caiaq/audio.c | 2 +- sound/usb/caiaq/midi.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) Index: linux-2.6.35.y/sound/usb/caiaq/audio.c =================================================================== --- linux-2.6.35.y.orig/sound/usb/caiaq/audio.c 2011-03-29 22:51:15.343330571 -0700 +++ linux-2.6.35.y/sound/usb/caiaq/audio.c 2011-03-29 23:03:01.006274422 -0700 @@ -640,7 +640,7 @@ } dev->pcm->private_data = dev; - strcpy(dev->pcm->name, dev->product_name); + strlcpy(dev->pcm->name, dev->product_name, sizeof(dev->pcm->name)); memset(dev->sub_playback, 0, sizeof(dev->sub_playback)); memset(dev->sub_capture, 0, sizeof(dev->sub_capture)); Index: linux-2.6.35.y/sound/usb/caiaq/midi.c =================================================================== --- linux-2.6.35.y.orig/sound/usb/caiaq/midi.c 2011-03-29 22:51:15.342330597 -0700 +++ linux-2.6.35.y/sound/usb/caiaq/midi.c 2011-03-29 23:03:01.007274396 -0700 @@ -136,7 +136,7 @@ if (ret < 0) return ret; - strcpy(rmidi->name, device->product_name); + strlcpy(rmidi->name, device->product_name, sizeof(rmidi->name)); rmidi->info_flags = SNDRV_RAWMIDI_INFO_DUPLEX; rmidi->private_data = device; -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/