]> git.itanic.dy.fi Git - linux-stable/commit
projects / linux-stable / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 610a9b8) | patch
kdb: Fix a potential buffer overflow in kdb_local()
authorChristophe JAILLET <christophe.jaillet@wanadoo.fr>
Sat, 25 Nov 2023 12:05:04 +0000 (13:05 +0100)
committerDaniel Thompson <daniel.thompson@linaro.org>
Wed, 17 Jan 2024 17:19:06 +0000 (17:19 +0000)
commit4f41d30cd6dc865c3cbc1a852372321eba6d4e4c
tree54ea811ddad750131675cbc0c70e5f63da13ef7dtree | snapshot
parent610a9b8f49fbcf1100716370d3b5f6f884a2835acommit | diff
kdb: Fix a potential buffer overflow in kdb_local()

When appending "[defcmd]" to 'kdb_prompt_str', the size of the string
already in the buffer should be taken into account.

An option could be to switch from strncat() to strlcat() which does the
correct test to avoid such an overflow.

However, this actually looks as dead code, because 'defcmd_in_progress'
can't be true here.
See a more detailed explanation at [1].

[1]: https://lore.kernel.org/all/CAD=FV=WSh7wKN7Yp-3wWiDgX4E3isQ8uh0LCzTmd1v9Cg9j+nQ@mail.gmail.com/

Fixes: 5d5314d6795f ("kdb: core for kgdb back end (1 of 2)")
Signed-off-by: Christophe JAILLET <christophe.jaillet@wanadoo.fr>
Reviewed-by: Douglas Anderson <dianders@chromium.org>
kernel/debug/kdb/kdb_main.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.