From 540cac991ac9a6c7cb68d2a6c035431cb3445829 Mon Sep 17 00:00:00 2001 From: Jiamin Ma Date: Fri, 19 Apr 2019 08:15:47 +0800 Subject: [PATCH] unifikey: fix kasan bug reported in name_store [1/1] PD#SWPL-7326 Problem: slab-out-of-bounds in strlen called by name_store Solution: Make sure the string passed to strlen is always '\0' ended Verify: Locally Change-Id: Ifd78a100c0e34ff9afb527ebe7b044ceb5c3505e Signed-off-by: Jiamin Ma --- drivers/amlogic/unifykey/unifykey.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/amlogic/unifykey/unifykey.c b/drivers/amlogic/unifykey/unifykey.c index c1e3524..d2a9fad 100644 --- a/drivers/amlogic/unifykey/unifykey.c +++ b/drivers/amlogic/unifykey/unifykey.c @@ -1277,7 +1277,7 @@ static ssize_t name_store(struct class *cla, } key_cnt = unifykey_count_key(&(ukdev->uk_header)); - name = kzalloc(count, GFP_KERNEL); + name = kzalloc(count + 1, GFP_KERNEL); if (!name) { pr_err("can't kzalloc mem,%s:%d\n", __func__, -- 2.7.4