kdb: Fix a potential buffer overflow in kdb_local()
When appending "[defcmd]" to 'kdb_prompt_str', the size of the string
already in the buffer should be taken into account.
An option could be to switch from strncat() to strlcat() which does the
correct test to avoid such an overflow.
However, this actually looks as dead code, because 'defcmd_in_progress'
can't be true here.
See a more detailed explanation at [1].
[1]: https://lore.kernel.org/all/CAD=FV=WSh7wKN7Yp-3wWiDgX4E3isQ8uh0LCzTmd1v9Cg9j+nQ@mail.gmail.com/
Fixes: 5d5314d679
("kdb: core for kgdb back end (1 of 2)")
Signed-off-by: Christophe JAILLET <christophe.jaillet@wanadoo.fr>
Reviewed-by: Douglas Anderson <dianders@chromium.org>
This commit is contained in:
parent
610a9b8f49
commit
4f41d30cd6
@ -1348,8 +1348,6 @@ do_full_getstr:
|
||||
/* PROMPT can only be set if we have MEM_READ permission. */
|
||||
snprintf(kdb_prompt_str, CMD_BUFLEN, kdbgetenv("PROMPT"),
|
||||
raw_smp_processor_id());
|
||||
if (defcmd_in_progress)
|
||||
strncat(kdb_prompt_str, "[defcmd]", CMD_BUFLEN);
|
||||
|
||||
/*
|
||||
* Fetch command from keyboard
|
||||
|
Loading…
Reference in New Issue
Block a user