projects / platform / kernel / linux-rpi.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: f0e386e)
printk: fix string termination for record_print_text()
authorJohn Ogness <john.ogness@linutronix.de>
Sun, 24 Jan 2021 20:27:28 +0000 (21:33 +0106)
committerPetr Mladek <pmladek@suse.com>
Mon, 25 Jan 2021 09:37:08 +0000 (10:37 +0100)
Commit f0e386ee0c0b ("printk: fix buffer overflow potential for
print_text()") added string termination in record_print_text().
However it used the wrong base pointer for adding the terminator.
This led to a 0-byte being written somewhere beyond the buffer.

Use the correct base pointer when adding the terminator.

Fixes: f0e386ee0c0b ("printk: fix buffer overflow potential for print_text()")
Reported-by: Sven Schnelle <svens@linux.ibm.com>
Signed-off-by: John Ogness <john.ogness@linutronix.de>
Signed-off-by: Petr Mladek <pmladek@suse.com>
Link: https://lore.kernel.org/r/20210124202728.4718-1-john.ogness@linutronix.de
kernel/printk/printk.c patch | blob | history

diff --git a/kernel/printk/printk.c b/kernel/printk/printk.c
index 17fa6dc..c55cd18 100644 (file)
--- a/kernel/printk/printk.c
+++ b/kernel/printk/printk.c
@@ -1399,7 +1399,7 @@ static size_t record_print_text(struct printk_record *r, bool syslog,
         * not counted in the return value.
         */
        if (buf_size > 0)
-               text[len] = 0;
+               r->text_buf[len] = 0;
 
        return len;
 }
Domain: System / Kernel;