diff options
author | Chris Metcalf <cmetcalf@ezchip.com> | 2015-10-06 12:37:41 -0400 |
---|---|---|
committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2017-08-11 09:30:09 -0700 |
commit | 588b2464f3e5467902c6ebf56d10339793147155 (patch) | |
tree | 0cac3b1769288d15a385ac5acbe2e56240b9a446 /lib | |
parent | a7191e904907108f470dfdaabccf905e0be34265 (diff) |
strscpy: zero any trailing garbage bytes in the destination
commit 990486c8af044f89bddfbde1d1cf9fde449bedbf upstream.
It's possible that the destination can be shadowed in userspace
(as, for example, the perf buffers are now). So we should take
care not to leak data that could be inspected by userspace.
Signed-off-by: Chris Metcalf <cmetcalf@ezchip.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'lib')
-rw-r--r-- | lib/string.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/lib/string.c b/lib/string.c index a93dac298f93..8e8a2e9e9522 100644 --- a/lib/string.c +++ b/lib/string.c @@ -211,12 +211,13 @@ ssize_t strscpy(char *dest, const char *src, size_t count) unsigned long c, data; c = *(unsigned long *)(src+res); - *(unsigned long *)(dest+res) = c; if (has_zero(c, &data, &constants)) { data = prep_zero_mask(c, data, &constants); data = create_zero_mask(data); + *(unsigned long *)(dest+res) = c & zero_bytemask(data); return res + find_zero(data); } + *(unsigned long *)(dest+res) = c; res += sizeof(unsigned long); count -= sizeof(unsigned long); max -= sizeof(unsigned long); |