Skip to content

Commit

Permalink
video: fbdev: nvidiafb: Use strscpy() to prevent buffer overflow
Browse files Browse the repository at this point in the history
Coverity complains of a possible buffer overflow. However,
given the 'static' scope of nvidia_setup_i2c_bus() it looks
like that can't happen after examiniing the call sites.

CID 19036 (#1 of 1): Copy into fixed size buffer (STRING_OVERFLOW)
1. fixed_size_dest: You might overrun the 48-character fixed-size string
  chan->adapter.name by copying name without checking the length.
2. parameter_as_source: Note: This defect has an elevated risk because the
  source argument is a parameter of the current function.
 89        strcpy(chan->adapter.name, name);

Fix this warning by using strscpy() which will silence the warning and
prevent any future buffer overflows should the names used to identify the
channel become much longer.

Cc: Antonino Daplas <[email protected]>
Cc: [email protected]
Cc: [email protected]
Cc: [email protected]
Signed-off-by: Tim Gardner <[email protected]>
Signed-off-by: Helge Deller <[email protected]>
  • Loading branch information
rtg-canonical authored and hdeller committed Jan 29, 2022
1 parent 1e3c3e6 commit 37a1a2e
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion drivers/video/fbdev/nvidia/nv_i2c.c
Original file line number Diff line number Diff line change
Expand Up @@ -86,7 +86,7 @@ static int nvidia_setup_i2c_bus(struct nvidia_i2c_chan *chan, const char *name,
{
int rc;

strcpy(chan->adapter.name, name);
strscpy(chan->adapter.name, name, sizeof(chan->adapter.name));
chan->adapter.owner = THIS_MODULE;
chan->adapter.class = i2c_class;
chan->adapter.algo_data = &chan->algo;
Expand Down

0 comments on commit 37a1a2e

Please sign in to comment.