staging: fbtft: Fix buffer overflow vulnerability

Module copies a user supplied string (module parameter) into a buffer using strncpy() and does not check that the buffer is null terminated. Replace call to strncpy() with call to strlcpy() ensuring that the buffer is null terminated. Signed-off-by: Tobin C. Harding <me@tobin.cc> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
author: Tobin C. Harding <me@tobin.cc> 2017-02-15 14:27:23 +1100
committer: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2017-03-06 09:16:59 +0100
commit: 8414fe11ba2ff2422c4b73bbef3b035a2562c88a (patch)
tree: e465234e548c8b8862bb41ab451afcc7703a4d94 /drivers/staging/fbtft
parent: ca5af1f303d16cdf183354abffba46528b72a163 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/drivers/staging/fbtft/fbtft_device.c b/drivers/staging/fbtft/fbtft_device.c
index 9ffb9cecc465..6b9e8adda984 100644
--- a/drivers/staging/fbtft/fbtft_device.c
+++ b/drivers/staging/fbtft/fbtft_device.c
@@ -1483,7 +1483,7 @@ static int __init fbtft_device_init(void)
 			displays[i].pdev->name = name;
 			displays[i].spi = NULL;
 		} else {
-			strncpy(displays[i].spi->modalias, name, SPI_NAME_SIZE);
+			strlcpy(displays[i].spi->modalias, name, SPI_NAME_SIZE);
 			displays[i].pdev = NULL;
 		}
 	}
author	Tobin C. Harding <me@tobin.cc>	2017-02-15 14:27:23 +1100
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2017-03-06 09:16:59 +0100
commit	8414fe11ba2ff2422c4b73bbef3b035a2562c88a (patch)
tree	e465234e548c8b8862bb41ab451afcc7703a4d94 /drivers/staging/fbtft
parent	ca5af1f303d16cdf183354abffba46528b72a163 (diff)