diff options
author | Ye Li <ye.li@nxp.com> | 2018-11-12 00:53:00 -0800 |
---|---|---|
committer | Ye Li <ye.li@nxp.com> | 2018-11-12 20:09:51 -0800 |
commit | 7bc5136e5271ae0d6b11824b50a0efb8f1d55eac (patch) | |
tree | eb58a2dab3a5340b8f5accc70a2254c43eb3df8b /drivers | |
parent | cedf379e3dee43533f68d00462eebf6c535ee94f (diff) |
MLK-20240-6 fastboot: Fix potential buffer overflow
Fix coverity issue CID 3826473: Destination buffer too small (STRING_OVERFLOW)
string_overflow: You might overrun the 16-character destination string buffer by
writing 20 characters from
The size of g_ptable->name is 20, but we use 16 bytes buffer for strcpy. It may
cause buffer overflow.
Signed-off-by: Ye Li <ye.li@nxp.com>
Diffstat (limited to 'drivers')
-rw-r--r-- | drivers/usb/gadget/f_fastboot.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/drivers/usb/gadget/f_fastboot.c b/drivers/usb/gadget/f_fastboot.c index 2c6a3ac4e2..c04e507495 100644 --- a/drivers/usb/gadget/f_fastboot.c +++ b/drivers/usb/gadget/f_fastboot.c @@ -3081,7 +3081,7 @@ static int get_partition_base_name(char (*partition_base_name)[16]) int n = 0; int count = 0; char *ptr1, *ptr2; - char buffer[16]; + char buffer[20]; for (n = 0; n < g_pcount; n++) { strcpy(buffer,g_ptable[n].name); |