isdn: avoid copying overly-long strings

Addresses http://bugzilla.kernel.org/show_bug.cgi?id=9416

Signed-off-by: Karsten Keil <kkeil@suse.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
This commit is contained in:
Karsten Keil 2007-11-22 12:43:13 +01:00 committed by Linus Torvalds
parent 552d2f841e
commit 0f13864e5b

View File

@ -2104,7 +2104,7 @@ isdn_net_find_icall(int di, int ch, int idx, setup_parm *setup)
u_long flags; u_long flags;
isdn_net_dev *p; isdn_net_dev *p;
isdn_net_phone *n; isdn_net_phone *n;
char nr[32]; char nr[ISDN_MSNLEN];
char *my_eaz; char *my_eaz;
/* Search name in netdev-chain */ /* Search name in netdev-chain */
@ -2113,7 +2113,7 @@ isdn_net_find_icall(int di, int ch, int idx, setup_parm *setup)
nr[1] = '\0'; nr[1] = '\0';
printk(KERN_INFO "isdn_net: Incoming call without OAD, assuming '0'\n"); printk(KERN_INFO "isdn_net: Incoming call without OAD, assuming '0'\n");
} else } else
strcpy(nr, setup->phone); strlcpy(nr, setup->phone, ISDN_MSNLEN);
si1 = (int) setup->si1; si1 = (int) setup->si1;
si2 = (int) setup->si2; si2 = (int) setup->si2;
if (!setup->eazmsn[0]) { if (!setup->eazmsn[0]) {
@ -2789,7 +2789,7 @@ isdn_net_setcfg(isdn_net_ioctl_cfg * cfg)
chidx = -1; chidx = -1;
} }
} }
strcpy(lp->msn, cfg->eaz); strlcpy(lp->msn, cfg->eaz, sizeof(lp->msn));
lp->pre_device = drvidx; lp->pre_device = drvidx;
lp->pre_channel = chidx; lp->pre_channel = chidx;
lp->onhtime = cfg->onhtime; lp->onhtime = cfg->onhtime;
@ -2936,7 +2936,7 @@ isdn_net_addphone(isdn_net_ioctl_phone * phone)
if (p) { if (p) {
if (!(n = kmalloc(sizeof(isdn_net_phone), GFP_KERNEL))) if (!(n = kmalloc(sizeof(isdn_net_phone), GFP_KERNEL)))
return -ENOMEM; return -ENOMEM;
strcpy(n->num, phone->phone); strlcpy(n->num, phone->phone, sizeof(n->num));
n->next = p->local->phone[phone->outgoing & 1]; n->next = p->local->phone[phone->outgoing & 1];
p->local->phone[phone->outgoing & 1] = n; p->local->phone[phone->outgoing & 1] = n;
return 0; return 0;