stable.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	stable@vger.kernel.org, Bart Van Assche <bart.vanassche@wdc.com>,
	Tyrel Datwyler <tyreld@linux.vnet.ibm.com>,
	Breno Leitao <leitao@debian.org>,
	"Martin K. Petersen" <martin.petersen@oracle.com>,
	Sasha Levin <alexander.levin@microsoft.com>
Subject: [PATCH 4.9 24/94] scsi: ibmvscsi: Improve strings handling
Date: Tue,  2 Oct 2018 06:24:38 -0700	[thread overview]
Message-ID: <20181002132502.191082577@linuxfoundation.org> (raw)
In-Reply-To: <20181002132500.494838053@linuxfoundation.org>

4.9-stable review patch.  If anyone has any objections, please let me know.

------------------

From: Breno Leitao <leitao@debian.org>

[ Upstream commit 1262dc09dc9ae7bf4ad00b6a2c5ed6a6936bcd10 ]

Currently an open firmware property is copied into partition_name variable
without keeping a room for \0.

Later one, this variable (partition_name), which is 97 bytes long, is
strncpyed into ibmvcsci_host_data->madapter_info->partition_name, which is
96 bytes long, possibly truncating it 'again' and removing the \0.

This patch simply decreases the partition name to 96 and just copy using
strlcpy() which guarantees that the string is \0 terminated. I think there
is no issue if this there is a truncation in this very first copy, i.e,
when the open firmware property is read and copied into the driver for the
very first time;

This issue also causes the following warning on GCC 8:

	drivers/scsi/ibmvscsi/ibmvscsi.c:281:2: warning:  strncpy  output may be truncated copying 96 bytes from a string of length 96 [-Wstringop-truncation]
	...
	inlined from  ibmvscsi_probe  at drivers/scsi/ibmvscsi/ibmvscsi.c:2221:7:
	drivers/scsi/ibmvscsi/ibmvscsi.c:265:3: warning:  strncpy  specified bound 97 equals destination size [-Wstringop-truncation]

CC: Bart Van Assche <bart.vanassche@wdc.com>
CC: Tyrel Datwyler <tyreld@linux.vnet.ibm.com>
Signed-off-by: Breno Leitao <leitao@debian.org>
Acked-by: Tyrel Datwyler <tyreld@linux.vnet.ibm.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
 drivers/scsi/ibmvscsi/ibmvscsi.c |    4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

--- a/drivers/scsi/ibmvscsi/ibmvscsi.c
+++ b/drivers/scsi/ibmvscsi/ibmvscsi.c
@@ -93,7 +93,7 @@ static int max_requests = IBMVSCSI_MAX_R
 static int max_events = IBMVSCSI_MAX_REQUESTS_DEFAULT + 2;
 static int fast_fail = 1;
 static int client_reserve = 1;
-static char partition_name[97] = "UNKNOWN";
+static char partition_name[96] = "UNKNOWN";
 static unsigned int partition_number = -1;
 
 static struct scsi_transport_template *ibmvscsi_transport_template;
@@ -259,7 +259,7 @@ static void gather_partition_info(void)
 
 	ppartition_name = of_get_property(of_root, "ibm,partition-name", NULL);
 	if (ppartition_name)
-		strncpy(partition_name, ppartition_name,
+		strlcpy(partition_name, ppartition_name,
 				sizeof(partition_name));
 	p_number_ptr = of_get_property(of_root, "ibm,partition-no", NULL);
 	if (p_number_ptr)

  parent reply	other threads:[~2018-10-02 20:19 UTC|newest]

Thread overview: 99+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-10-02 13:24 [PATCH 4.9 00/94] 4.9.131-stable review Greg Kroah-Hartman
2018-10-02 13:24 ` [PATCH 4.9 01/94] crypto: skcipher - Fix -Wstringop-truncation warnings Greg Kroah-Hartman
2018-10-02 13:24 ` [PATCH 4.9 02/94] tsl2550: fix lux1_input error in low light Greg Kroah-Hartman
2018-10-02 13:24 ` [PATCH 4.9 03/94] vmci: type promotion bug in qp_host_get_user_memory() Greg Kroah-Hartman
2018-10-02 13:24 ` [PATCH 4.9 04/94] x86/numa_emulation: Fix emulated-to-physical node mapping Greg Kroah-Hartman
2018-10-02 13:24 ` [PATCH 4.9 05/94] staging: rts5208: fix missing error check on call to rtsx_write_register Greg Kroah-Hartman
2018-10-02 13:24 ` [PATCH 4.9 06/94] uwb: hwa-rc: fix memory leak at probe Greg Kroah-Hartman
2018-10-02 13:24 ` [PATCH 4.9 07/94] power: vexpress: fix corruption in notifier registration Greg Kroah-Hartman
2018-10-02 13:24 ` [PATCH 4.9 08/94] iommu/amd: make sure TLB to be flushed before IOVA freed Greg Kroah-Hartman
2018-10-02 13:24 ` [PATCH 4.9 09/94] Bluetooth: Add a new Realtek 8723DE ID 0bda:b009 Greg Kroah-Hartman
2018-10-02 13:24 ` [PATCH 4.9 10/94] USB: serial: kobil_sct: fix modem-status error handling Greg Kroah-Hartman
2018-10-02 13:24 ` [PATCH 4.9 11/94] 6lowpan: iphc: reset mac_header after decompress to fix panic Greg Kroah-Hartman
2018-10-02 13:24 ` [PATCH 4.9 12/94] s390/mm: correct allocate_pgste proc_handler callback Greg Kroah-Hartman
2018-10-02 13:24 ` [PATCH 4.9 13/94] power: remove possible deadlock when unregistering power_supply Greg Kroah-Hartman
2018-10-02 13:24 ` [PATCH 4.9 14/94] md-cluster: clear another nodes suspend_area after the copy is finished Greg Kroah-Hartman
2018-10-02 13:24 ` [PATCH 4.9 15/94] IB/core: type promotion bug in rdma_rw_init_one_mr() Greg Kroah-Hartman
2018-10-02 13:24 ` [PATCH 4.9 16/94] media: exynos4-is: Prevent NULL pointer dereference in __isp_video_try_fmt() Greg Kroah-Hartman
2018-10-02 13:24 ` [PATCH 4.9 17/94] powerpc/kdump: Handle crashkernel memory reservation failure Greg Kroah-Hartman
2018-10-02 13:24 ` [PATCH 4.9 18/94] media: fsl-viu: fix error handling in viu_of_probe() Greg Kroah-Hartman
2018-10-02 13:24 ` [PATCH 4.9 19/94] x86/tsc: Add missing header to tsc_msr.c Greg Kroah-Hartman
2018-10-02 13:24 ` [PATCH 4.9 20/94] ARM: hwmod: RTC: Dont assume lock/unlock will be called with irq enabled Greg Kroah-Hartman
2018-10-02 13:24 ` [PATCH 4.9 21/94] x86/entry/64: Add two more instruction suffixes Greg Kroah-Hartman
2018-10-02 13:24 ` [PATCH 4.9 22/94] scsi: target/iscsi: Make iscsit_ta_authentication() respect the output buffer size Greg Kroah-Hartman
2018-10-02 13:24 ` [PATCH 4.9 23/94] scsi: klist: Make it safe to use klists in atomic context Greg Kroah-Hartman
2018-10-02 13:24 ` Greg Kroah-Hartman [this message]
2018-10-02 13:24 ` [PATCH 4.9 25/94] usb: wusbcore: security: cast sizeof to int for comparison Greg Kroah-Hartman
2018-10-02 13:24 ` [PATCH 4.9 26/94] powerpc/powernv/ioda2: Reduce upper limit for DMA window size Greg Kroah-Hartman
2018-10-02 13:24 ` [PATCH 4.9 27/94] alarmtimer: Prevent overflow for relative nanosleep Greg Kroah-Hartman
2018-10-02 13:24 ` [PATCH 4.9 28/94] s390/extmem: fix gcc 8 stringop-overflow warning Greg Kroah-Hartman
2018-10-02 13:24 ` [PATCH 4.9 29/94] ALSA: snd-aoa: add of_node_put() in error path Greg Kroah-Hartman
2018-10-02 13:24 ` [PATCH 4.9 30/94] media: s3c-camif: ignore -ENOIOCTLCMD from v4l2_subdev_call for s_power Greg Kroah-Hartman
2018-10-02 13:24 ` [PATCH 4.9 31/94] media: soc_camera: ov772x: correct setting of banding filter Greg Kroah-Hartman
2018-10-02 13:24 ` [PATCH 4.9 32/94] media: omap3isp: zero-initialize the isp cam_xclk{a,b} initial data Greg Kroah-Hartman
2018-10-02 13:24 ` [PATCH 4.9 33/94] staging: android: ashmem: Fix mmap size validation Greg Kroah-Hartman
2018-10-02 13:24 ` [PATCH 4.9 34/94] drivers/tty: add error handling for pcmcia_loop_config Greg Kroah-Hartman
2018-10-02 13:24 ` [PATCH 4.9 35/94] media: tm6000: add error handling for dvb_register_adapter Greg Kroah-Hartman
2018-10-02 13:24 ` [PATCH 4.9 36/94] ALSA: hda: Add AZX_DCAPS_PM_RUNTIME for AMD Raven Ridge Greg Kroah-Hartman
2018-10-02 13:24 ` [PATCH 4.9 37/94] net: phy: xgmiitorgmii: Check read_status results Greg Kroah-Hartman
2018-10-02 13:24 ` [PATCH 4.9 38/94] ath10k: protect ath10k_htt_rx_ring_free with rx_ring.lock Greg Kroah-Hartman
2018-10-02 13:24 ` [PATCH 4.9 39/94] net: phy: xgmiitorgmii: Check phy_driver ready before accessing Greg Kroah-Hartman
2018-10-02 13:24 ` [PATCH 4.9 40/94] drm/sun4i: Fix releasing node when enumerating enpoints Greg Kroah-Hartman
2018-10-02 13:24 ` [PATCH 4.9 41/94] rndis_wlan: potential buffer overflow in rndis_wlan_auth_indication() Greg Kroah-Hartman
2018-10-02 13:24 ` [PATCH 4.9 42/94] wlcore: Add missing PM call for wlcore_cmd_wait_for_event_or_timeout() Greg Kroah-Hartman
2018-10-02 13:24 ` [PATCH 4.9 43/94] ARM: mvebu: declare asm symbols as character arrays in pmsu.c Greg Kroah-Hartman
2018-10-02 13:24 ` [PATCH 4.9 44/94] HID: hid-ntrig: add error handling for sysfs_create_group Greg Kroah-Hartman
2018-10-02 13:24 ` [PATCH 4.9 45/94] perf/x86/intel/lbr: Fix incomplete LBR call stack Greg Kroah-Hartman
2018-10-02 13:25 ` [PATCH 4.9 46/94] scsi: bnx2i: add error handling for ioremap_nocache Greg Kroah-Hartman
2018-10-02 13:25 ` [PATCH 4.9 47/94] scsi: megaraid_sas: Update controller info during resume Greg Kroah-Hartman
2018-10-02 13:25 ` [PATCH 4.9 48/94] EDAC, i7core: Fix memleaks and use-after-free on probe and remove Greg Kroah-Hartman
2018-10-02 13:25 ` [PATCH 4.9 49/94] ASoC: dapm: Fix potential DAI widget pointer deref when linking DAIs Greg Kroah-Hartman
2018-10-02 13:25 ` [PATCH 4.9 50/94] module: exclude SHN_UNDEF symbols from kallsyms api Greg Kroah-Hartman
2018-10-02 13:25 ` [PATCH 4.9 51/94] gpio: Fix wrong rounding in gpio-menz127 Greg Kroah-Hartman
2018-10-02 13:25 ` [PATCH 4.9 52/94] nfsd: fix corrupted reply to badly ordered compound Greg Kroah-Hartman
2018-10-02 13:25 ` [PATCH 4.9 53/94] EDAC: Fix memleak in module init error path Greg Kroah-Hartman
2018-10-02 13:25 ` [PATCH 4.9 54/94] ARM: dts: dra7: fix DCAN node addresses Greg Kroah-Hartman
2018-10-02 13:25 ` [PATCH 4.9 55/94] floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl Greg Kroah-Hartman
2018-10-02 13:25 ` [PATCH 4.9 56/94] tty: serial: lpuart: avoid leaking struct tty_struct Greg Kroah-Hartman
2018-10-02 13:25 ` [PATCH 4.9 57/94] serial: cpm_uart: return immediately from console poll Greg Kroah-Hartman
2018-10-02 13:25 ` [PATCH 4.9 58/94] spi: tegra20-slink: explicitly enable/disable clock Greg Kroah-Hartman
2018-10-02 13:25 ` [PATCH 4.9 59/94] spi: sh-msiof: Fix invalid SPI use during system suspend Greg Kroah-Hartman
2018-10-02 13:25 ` [PATCH 4.9 60/94] spi: sh-msiof: Fix handling of write value for SISTR register Greg Kroah-Hartman
2018-10-02 13:25 ` [PATCH 4.9 61/94] spi: rspi: Fix invalid SPI use during system suspend Greg Kroah-Hartman
2018-10-02 13:25 ` [PATCH 4.9 62/94] spi: rspi: Fix interrupted DMA transfers Greg Kroah-Hartman
2018-10-02 13:25 ` [PATCH 4.9 63/94] regulator: fix crash caused by null driver data Greg Kroah-Hartman
2018-10-02 13:25 ` [PATCH 4.9 64/94] USB: fix error handling in usb_driver_claim_interface() Greg Kroah-Hartman
2018-10-02 13:25 ` [PATCH 4.9 65/94] USB: handle NULL config in usb_find_alt_setting() Greg Kroah-Hartman
2018-10-02 13:25 ` [PATCH 4.9 66/94] slub: make ->cpu_partial unsigned int Greg Kroah-Hartman
2018-10-02 13:25 ` [PATCH 4.9 67/94] media: uvcvideo: Support realteks UVC 1.5 device Greg Kroah-Hartman
2018-10-02 13:25 ` [PATCH 4.9 68/94] USB: usbdevfs: sanitize flags more Greg Kroah-Hartman
2018-10-02 13:25 ` [PATCH 4.9 69/94] USB: usbdevfs: restore warning for nonsensical flags Greg Kroah-Hartman
2018-10-02 13:25 ` [PATCH 4.9 70/94] Revert "usb: cdc-wdm: Fix a sleep-in-atomic-context bug in service_outstanding_interrupt()" Greg Kroah-Hartman
2018-10-02 13:25 ` [PATCH 4.9 71/94] USB: remove LPM management from usb_driver_claim_interface() Greg Kroah-Hartman
2018-10-02 13:25 ` [PATCH 4.9 72/94] Input: elantech - enable middle button of touchpad on ThinkPad P72 Greg Kroah-Hartman
2018-10-02 13:25 ` [PATCH 4.9 73/94] IB/srp: Avoid that sg_reset -d ${srp_device} triggers an infinite loop Greg Kroah-Hartman
2018-10-02 13:25 ` [PATCH 4.9 74/94] IB/hfi1: Invalid user input can result in crash Greg Kroah-Hartman
2018-10-02 13:25 ` [PATCH 4.9 75/94] IB/hfi1: Fix context recovery when PBC has an UnsupportedVL Greg Kroah-Hartman
2018-10-02 13:25 ` [PATCH 4.9 76/94] scsi: target: iscsi: Use bin2hex instead of a re-implementation Greg Kroah-Hartman
2018-10-02 13:25 ` [PATCH 4.9 77/94] serial: imx: restore handshaking irq for imx1 Greg Kroah-Hartman
2018-10-02 13:25 ` [PATCH 4.9 78/94] IB/hfi1: Fix SL array bounds check Greg Kroah-Hartman
2018-10-02 13:25 ` [PATCH 4.9 79/94] arm64: KVM: Tighten guest core register access from userspace Greg Kroah-Hartman
2018-10-02 13:25 ` [PATCH 4.9 80/94] ext4: never move the system.data xattr out of the inode body Greg Kroah-Hartman
2018-10-02 13:25 ` [PATCH 4.9 81/94] qed: Wait for ready indication before rereading the shmem Greg Kroah-Hartman
2018-10-02 13:25 ` [PATCH 4.9 82/94] qed: Wait for MCP halt and resume commands to take place Greg Kroah-Hartman
2018-10-02 13:25 ` [PATCH 4.9 83/94] thermal: of-thermal: disable passive polling when thermal zone is disabled Greg Kroah-Hartman
2018-10-02 13:25 ` [PATCH 4.9 84/94] net: hns: fix length and page_offset overflow when CONFIG_ARM64_64K_PAGES Greg Kroah-Hartman
2018-10-02 13:25 ` [PATCH 4.9 85/94] net: hns: fix skb->truesize underestimation Greg Kroah-Hartman
2018-10-02 13:25 ` [PATCH 4.9 86/94] e1000: check on netif_running() before calling e1000_up() Greg Kroah-Hartman
2018-10-02 13:25 ` [PATCH 4.9 87/94] e1000: ensure to free old tx/rx rings in set_ringparam() Greg Kroah-Hartman
2018-10-02 13:25 ` [PATCH 4.9 88/94] hwmon: (ina2xx) fix sysfs shunt resistor read access Greg Kroah-Hartman
2018-10-02 13:25 ` [PATCH 4.9 89/94] hwmon: (adt7475) Make adt7475_read_word() return errors Greg Kroah-Hartman
2018-10-02 13:25 ` [PATCH 4.9 90/94] drm/amdgpu: Enable/disable gfx PG feature in rlc safe mode Greg Kroah-Hartman
2018-10-02 13:25 ` [PATCH 4.9 91/94] drm/amdgpu: Update power state at the end of smu hw_init Greg Kroah-Hartman
2018-10-02 13:25 ` [PATCH 4.9 92/94] arm/arm64: smccc-1.1: Make return values unsigned long Greg Kroah-Hartman
2018-10-02 13:25 ` [PATCH 4.9 93/94] arm/arm64: smccc-1.1: Handle function result as parameters Greg Kroah-Hartman
2018-10-02 13:25 ` [PATCH 4.9 94/94] i2c: i801: Allow ACPI AML access I/O ports not reserved for SMBus Greg Kroah-Hartman
2018-10-02 19:19 ` [PATCH 4.9 00/94] 4.9.131-stable review Nathan Chancellor
2018-10-02 20:26 ` Shuah Khan
2018-10-03 12:54 ` Guenter Roeck
2018-10-03 19:50 ` Dan Rue

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20181002132502.191082577@linuxfoundation.org \
    --to=gregkh@linuxfoundation.org \
    --cc=alexander.levin@microsoft.com \
    --cc=bart.vanassche@wdc.com \
    --cc=leitao@debian.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=martin.petersen@oracle.com \
    --cc=stable@vger.kernel.org \
    --cc=tyreld@linux.vnet.ibm.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).