staging: fbtft: Fix buffer overflow vulnerability

Module copies a user supplied string (module parameter) into a buffer using strncpy() and does not check that the buffer is null terminated. Replace call to strncpy() with call to strlcpy() ensuring that the buffer is null terminated. Signed-off-by: Tobin C. Harding <me@tobin.cc> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

staging: fbtft: Fix buffer overflow vulnerability
Module copies a user supplied string (module parameter) into a buffer using strncpy() and does not check that the buffer is null terminated. Replace call to strncpy() with call to strlcpy() ensuring that the buffer is null terminated. Signed-off-by: Tobin C. Harding <me@tobin.cc> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
8414fe11 · Tobin C. Harding · Greg Kroah-Hartman · ca5af1f3 · 8414fe11
Commit 8414fe11 authored Feb 15, 2017 by Tobin C. Harding Committed by Greg Kroah-Hartman Mar 06, 2017
Hide whitespace changes
Inline Side-by-side

Showing with 1 addition and 1 deletion

drivers/staging/fbtft/fbtft_device.c drivers/staging/fbtft/fbtft_device.c +1 -1

No files found.
--- a/drivers/staging/fbtft/fbtft_device.c
+++ b/drivers/staging/fbtft/fbtft_device.c
@@ -1483,7 +1483,7 @@ static int __init fbtft_device_init(void)
 			displays[i].pdev->name = name;
 			displays[i].spi = NULL;
 		} else {
-			strncpy(displays[i].spi->modalias, name, SPI_NAME_SIZE);
+			strlcpy(displays[i].spi->modalias, name, SPI_NAME_SIZE);
 			displays[i].pdev = NULL;
 		}
 	}