On 3/25/2019 4:19 AM, Kangjie Lu wrote:
First, no memory is allocated for "property->value.text"; the
following strcpy will lead to a buffer overflow.
Fix the commit text as there is no overflow.
only the check and resource cleanp is the fix.
Second, no check is enforced for the return
On Sun, Mar 24, 2019 at 05:49:16PM -0500, Kangjie Lu wrote:
> First, no memory is allocated for "property->value.text"; the
> following strcpy will lead to a buffer overflow.
It is actually member of union so assigning via value.txt or value.data
is the same.
So no buffer overflow.
> Second, no
First, no memory is allocated for "property->value.text"; the
following strcpy will lead to a buffer overflow.
Second, no check is enforced for the return value of kzalloc,
which may lead to NULL-pointer dereference.
The patch fixes the two issues.
Signed-off-by: Kangjie Lu
---
3 matches
Mail list logo
