From patchwork Thu Jun 2 08:04:56 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kangjie Lu X-Patchwork-Id: 629100 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 3rL0Cm4HTFz9t2p for ; Thu, 2 Jun 2016 18:05:56 +1000 (AEST) Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b=Oif+CWcj; dkim-atps=neutral Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932267AbcFBIFJ (ORCPT ); Thu, 2 Jun 2016 04:05:09 -0400 Received: from mail-yw0-f196.google.com ([209.85.161.196]:33752 "EHLO mail-yw0-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932085AbcFBIFD (ORCPT ); Thu, 2 Jun 2016 04:05:03 -0400 Received: by mail-yw0-f196.google.com with SMTP id y6so5888313ywe.0; Thu, 02 Jun 2016 01:05:02 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:to:cc:subject:date:message-id; bh=jsXD0rpFCOSuft52ngGHvJ2Kzw7TfCWqiGmazm44PpI=; b=Oif+CWcjwxHFCXJV3aUHSfCeJMymeX3BTYWT2a0XTQLMUl37R1BOXbxegtLPExWBX8 ZjDNFj4p4/+1CYFoXmBlGvrz6DO2wFRmRAQTKgKFguIYa6d7pz/SX7LOdY//cc4FhQ4F 5d7/JFGvtaPplwvwbzKZcG+iWnKwaQKutSg4VsCElmyx7OERyD0Et616keFyibTR8gRl oRyBmWmIn2Vav66kMF+nqdKI5GkDUPBPTU4dXjtvt2dDl6UZZwS2qbaARsHdp2b+v0t4 pMHX/BprFp4reo7CwKea2KJDwd7ualo+/LlHkEocLpobqbbadEhihpyryi3kBYY/0VXZ XdTw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=jsXD0rpFCOSuft52ngGHvJ2Kzw7TfCWqiGmazm44PpI=; b=Bo+kVyGa0AuceRAnuhk9E7qLc+uafqrUL4CNqBLpbAMWChnl31iA2RA3oRdujv2bHl SCX/g1OqmXYKRHRadkWZVxs18qZlnvu28Vm8VsqHyW6QTzwe/JW9k4OVNjXrHR+Elvja TTIn3Yqk0WcWeNvOLvxhiaiEfHqSnMucXBX2V4gUzaEyEI+Ja4rvy4RjSaof5iJnp0nt 13bL6BN5p8FGK4mms1FTaBS09/aYkFekK+86HT24FBgKdqpfAbiIN77a/sBgcBsTjGGl Hu47fm9xybjKhpYsPfat12H6GQVGUyBnPW3PzL+gdm1r7Wo38s8y+FvcwI9nMFs/Ilsu IXdQ== X-Gm-Message-State: ALyK8tL4m29N2SSrqWvqd7EXqjMUYKrVQFax9rC5tGmsveM+khGyF0SYdlZIUDvXhV4eEw== X-Received: by 10.129.145.85 with SMTP id i82mr5308480ywg.87.1464854701844; Thu, 02 Jun 2016 01:05:01 -0700 (PDT) Received: from localhost.localdomain (kangjie.gtisc.gatech.edu. [143.215.130.110]) by smtp.gmail.com with ESMTPSA id d71sm21702723ywb.50.2016.06.02.01.05.01 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Thu, 02 Jun 2016 01:05:01 -0700 (PDT) From: Kangjie Lu X-Google-Original-From: Kangjie Lu To: jon.maloy@ericsson.com Cc: ying.xue@windriver.com, davem@davemloft.net, netdev@vger.kernel.org, linux-kernel@vger.kernel.org, taesoo@gatech.edu, csong84@gatech.edu, Kangjie Lu Subject: [PATCH] tipc: fix an infoleak in tipc_nl_compat_link_dump Date: Thu, 2 Jun 2016 04:04:56 -0400 Message-Id: <1464854696-29513-1-git-send-email-kjlu@gatech.edu> X-Mailer: git-send-email 2.7.4 Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org link_info.str is a char array of size 60. Memory after the NULL byte is not initialized. Sending the whole object out can cause a leak. Signed-off-by: Kangjie Lu --- net/tipc/netlink_compat.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/net/tipc/netlink_compat.c b/net/tipc/netlink_compat.c index f795b1d..2518014 100644 --- a/net/tipc/netlink_compat.c +++ b/net/tipc/netlink_compat.c @@ -604,7 +604,8 @@ static int tipc_nl_compat_link_dump(struct tipc_nl_compat_msg *msg, link_info.dest = nla_get_flag(link[TIPC_NLA_LINK_DEST]); link_info.up = htonl(nla_get_flag(link[TIPC_NLA_LINK_UP])); - strcpy(link_info.str, nla_data(link[TIPC_NLA_LINK_NAME])); + nla_strlcpy(link_info.str, nla_data(link[TIPC_NLA_LINK_NAME]), + TIPC_MAX_LINK_NAME); return tipc_add_tlv(msg->rep, TIPC_TLV_LINK_INFO, &link_info, sizeof(link_info));