of/device: Prevent buffer overflow in of_device_modalias()
authorBjorn Andersson <bjorn.andersson@linaro.org>
Thu, 24 Aug 2017 01:04:04 +0000 (18:04 -0700)
committerRob Herring <robh@kernel.org>
Thu, 24 Aug 2017 16:52:38 +0000 (11:52 -0500)
commit08ab58d9de3eb8498ae0585001d0975e46217a39
tree1c2ce257d07973ec01dc87aa4764f1a0cce18bf0
parent3cffda2575168054c6c7871fd076f415b49bb547
of/device: Prevent buffer overflow in of_device_modalias()

As of_device_get_modalias() returns the number of bytes that would have
been written to the target string, regardless of how much did fit in the
buffer, it's possible that the returned index points beyond the buffer
passed to of_device_modalias() - causing memory beyond the buffer to be
null terminated.

Fixes: 0634c2958927 ("of: Add function for generating a DT modalias with a newline")
Cc: Rob Herring <robh@kernel.org>
Cc: stable@vger.kernel.org
Signed-off-by: Bjorn Andersson <bjorn.andersson@linaro.org>
Signed-off-by: Rob Herring <robh@kernel.org>
drivers/of/device.c