scsi: qedf: Avoid reading past end of buffer
authorKees Cook <keescook@chromium.org>
Fri, 5 May 2017 22:42:55 +0000 (15:42 -0700)
committerMartin K. Petersen <martin.petersen@oracle.com>
Tue, 9 May 2017 02:07:48 +0000 (22:07 -0400)
commitcd22874fec8fbecd4999b55e67baf3d71775f6f3
tree0e02757aef2592f535c754271fd7b441d9056dee
parent0d2fc3b48ba0e267962c861c5258564c335dd1f2
scsi: qedf: Avoid reading past end of buffer

Using memcpy() from a string that is shorter than the length copied
means the destination buffer is being filled with arbitrary data from
the kernel rodata segment. Instead, use strncpy() which will fill the
trailing bytes with zeros.

This was found with the future CONFIG_FORTIFY_SOURCE feature.

Cc: Daniel Micay <danielmicay@gmail.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
Acked-by: Chad Dupuis <chad.dupuis@cavium.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
drivers/scsi/qedf/qedf_main.c