drivers/video: fsl-diu-fb: fix potential memcpy buffer overflow bug

It makes no sense to limit the size of a strncpy() to the length of
the source string.

Signed-off-by: Timur Tabi <timur@freescale.com>
Signed-off-by: Florian Tobias Schandinat <FlorianSchandinat@gmx.de>

diff --git a/drivers/video/fsl-diu-fb.c b/drivers/video/fsl-diu-fb.c
index 19bfbf5bb980929aad1ab31d4c912dfb10e49a32..3776949d61834fcee1dd27b87470f244ad9a0964 100644 (file)
--- a/drivers/video/fsl-diu-fb.c
+++ b/drivers/video/fsl-diu-fb.c
@@ -655,7 +655,7 @@ static void set_fix(struct fb_info *info)
        struct fb_var_screeninfo *var = &info->var;
        struct mfb_info *mfbi = info->par;
 
-       strncpy(fix->id, mfbi->id, strlen(mfbi->id));
+       strncpy(fix->id, mfbi->id, sizeof(fix->id));
        fix->line_length = var->xres_virtual * var->bits_per_pixel / 8;
        fix->type = FB_TYPE_PACKED_PIXELS;
        fix->accel = FB_ACCEL_NONE;