brain-hackers_pepepper-mirror
/
linux-brain
mirror of https://github.com/brain-hackers/linux-brain.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
linux-brain/net/bluetooth/cmtp
History
Colin Ian King 5537dc810b Bluetooth: increase BTNAMSIZ to 21 chars to fix potential buffer overflow 
[ Upstream commit 713baf3dae8f45dc8ada4ed2f5fdcbf94a5c274d ]

An earlier commit replaced using batostr to using %pMR sprintf for the
construction of session->name. Static analysis detected that this new
method can use a total of 21 characters (including the trailing '\0')
so we need to increase the BTNAMSIZ from 18 to 21 to fix potential
buffer overflows.

Addresses-Coverity: ("Out-of-bounds write")
Fixes: fcb73338ed ("Bluetooth: Use %pMR in sprintf/seq_printf instead of batostr")
Signed-off-by: Colin Ian King <colin.king@canonical.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
 		2021-09-15 09:47:33 +02:00
..
Kconfig treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
Makefile treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
capi.c isdn: replace ->proc_fops with ->proc_show 2018-05-16 07:24:30 +02:00
cmtp.h Bluetooth: increase BTNAMSIZ to 21 chars to fix potential buffer overflow 2021-09-15 09:47:33 +02:00
core.c Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails 2021-06-03 08:59:06 +02:00
sock.c cmtp: fix compat_ioctl 2018-09-10 12:41:06 -04:00