projects / platform / kernel / linux-starfive.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: b99070c)
drm/modes: Use strscpy() to copy command-line mode name
authorMaxime Ripard <maxime@cerno.tech>
Mon, 28 Nov 2022 08:19:37 +0000 (09:19 +0100)
committerMaxime Ripard <maxime@cerno.tech>
Thu, 1 Dec 2022 10:12:44 +0000 (11:12 +0100)
The mode name in struct drm_cmdline_mode can hold 32 characters at most,
which can easily get overrun. Switch to strscpy() to prevent such a
thing.

Reported-by: coverity-bot <keescook+coverity-bot@chromium.org>
Addresses-Coverity-ID: 1527354 ("Security best practices violations")
Fixes: a7ab155397dd ("drm/modes: Switch to named mode descriptors")
Reviewed-by: Javier Martinez Canillas <javierm@redhat.com>
Link: https://lore.kernel.org/r/20221128081938.742410-2-maxime@cerno.tech
Signed-off-by: Maxime Ripard <maxime@cerno.tech>
drivers/gpu/drm/drm_modes.c patch | blob | history

diff --git a/drivers/gpu/drm/drm_modes.c b/drivers/gpu/drm/drm_modes.c
index 699c66e..be030f4 100644 (file)
--- a/drivers/gpu/drm/drm_modes.c
+++ b/drivers/gpu/drm/drm_modes.c
@@ -2316,7 +2316,7 @@ static int drm_mode_parse_cmdline_named_mode(const char *name,
                if (ret != name_end)
                        continue;
 
-               strcpy(cmdline_mode->name, mode->name);
+               strscpy(cmdline_mode->name, mode->name, sizeof(cmdline_mode->name));
                cmdline_mode->pixel_clock = mode->pixel_clock_khz;
                cmdline_mode->xres = mode->xres;
                cmdline_mode->yres = mode->yres;
Domain: System / Kernel;