mirrors
/
linux-stable
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
1
0
Fork 0
Code Issues Releases Wiki Activity
linux-stable/net/bluetooth/cmtp
History
Colin Ian King 713baf3dae Bluetooth: increase BTNAMSIZ to 21 chars to fix potential buffer overflow 
An earlier commit replaced using batostr to using %pMR sprintf for the
construction of session->name. Static analysis detected that this new
method can use a total of 21 characters (including the trailing '\0')
so we need to increase the BTNAMSIZ from 18 to 21 to fix potential
buffer overflows.

Addresses-Coverity: ("Out-of-bounds write")
Fixes: fcb73338ed ("Bluetooth: Use %pMR in sprintf/seq_printf instead of batostr")
Signed-off-by: Colin Ian King <colin.king@canonical.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
 		2021-08-05 15:05:37 +02:00
..
Kconfig treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
Makefile treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
capi.c Bluetooth: cmtp: Use the correct print format 2021-06-26 07:12:40 +02:00
cmtp.h Bluetooth: increase BTNAMSIZ to 21 chars to fix potential buffer overflow 2021-08-05 15:05:37 +02:00
core.c Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails 2021-06-26 07:12:25 +02:00
sock.c net: make ->{get,set}sockopt in proto_ops optional 2020-07-19 18:16:41 -07:00