diff options
author | Chris Metcalf <cmetcalf@ezchip.com> | 2015-10-06 12:37:41 -0400 |
---|---|---|
committer | Chris Metcalf <cmetcalf@ezchip.com> | 2015-10-06 14:53:18 -0400 |
commit | 990486c8af044f89bddfbde1d1cf9fde449bedbf (patch) | |
tree | 145c16309dfc5586b5120d7b7c7d585337e8d5d1 /lib/string.c | |
parent | c753bf34c94e5ac901e625e52f47320eeec4de2d (diff) | |
download | linux-0-day-990486c8af044f89bddfbde1d1cf9fde449bedbf.tar.gz linux-0-day-990486c8af044f89bddfbde1d1cf9fde449bedbf.tar.xz |
strscpy: zero any trailing garbage bytes in the destination
It's possible that the destination can be shadowed in userspace
(as, for example, the perf buffers are now). So we should take
care not to leak data that could be inspected by userspace.
Signed-off-by: Chris Metcalf <cmetcalf@ezchip.com>
Diffstat (limited to 'lib/string.c')
-rw-r--r-- | lib/string.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/lib/string.c b/lib/string.c index 8dbb7b1eab508..84775ba873b9e 100644 --- a/lib/string.c +++ b/lib/string.c @@ -203,12 +203,13 @@ ssize_t strscpy(char *dest, const char *src, size_t count) unsigned long c, data; c = *(unsigned long *)(src+res); - *(unsigned long *)(dest+res) = c; if (has_zero(c, &data, &constants)) { data = prep_zero_mask(c, data, &constants); data = create_zero_mask(data); + *(unsigned long *)(dest+res) = c & zero_bytemask(data); return res + find_zero(data); } + *(unsigned long *)(dest+res) = c; res += sizeof(unsigned long); count -= sizeof(unsigned long); max -= sizeof(unsigned long); |