Skip to content

Commit

Permalink
drivers/video: fsl-diu-fb: fix potential memcpy buffer overflow bug
Browse files Browse the repository at this point in the history 
It makes no sense to limit the size of a strncpy() to the length of
the source string.

Signed-off-by: Timur Tabi <timur@freescale.com>
Signed-off-by: Florian Tobias Schandinat <FlorianSchandinat@gmx.de>
  • Loading branch information
Timur Tabi authored and Florian Tobias Schandinat committed Sep 18, 2011
1 parent f8c6bf6 commit ec02dd2
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion drivers/video/fsl-diu-fb.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -655,7 +655,7 @@ static void set_fix(struct fb_info *info)
struct fb_var_screeninfo *var = &info->var;
struct mfb_info *mfbi = info->par;

strncpy(fix->id, mfbi->id, strlen(mfbi->id));
strncpy(fix->id, mfbi->id, sizeof(fix->id));
fix->line_length = var->xres_virtual * var->bits_per_pixel / 8;
fix->type = FB_TYPE_PACKED_PIXELS;
fix->accel = FB_ACCEL_NONE;
Expand Down

0 comments on commit ec02dd2

Please sign in to comment.