Skip to content

Commit

Permalink
strscpy: reject buffer sizes larger than INT_MAX
Browse files Browse the repository at this point in the history 
As already done for snprintf(), add a check in strscpy() for giant (i.e.
likely negative and/or miscalculated) copy sizes, WARN, and error out.

Link: http://lkml.kernel.org/r/201907260928.23DE35406@keescook
Signed-off-by: Kees Cook <[email protected]>
Cc: Joe Perches <[email protected]>
Cc: Rasmus Villemoes <[email protected]>
Cc: Yann Droneaud <[email protected]>
Cc: David Laight <[email protected]>
Cc: Jonathan Corbet <[email protected]>
Cc: Stephen Kitt <[email protected]>
Cc: Jann Horn <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
Signed-off-by: Linus Torvalds <[email protected]>
  • Loading branch information
@kees @torvalds
kees authored and torvalds committed Sep 26, 2019
1 parent d1a445d commit 9a15646
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion lib/string.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -183,7 +183,7 @@ ssize_t strscpy(char *dest, const char *src, size_t count)
size_t max = count;
long res = 0;

if (count == 0)
if (count == 0 || WARN_ON_ONCE(count > INT_MAX))
return -E2BIG;

#ifdef CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS
Expand Down

0 comments on commit 9a15646

Please sign in to comment.