mirror of
https://github.com/torvalds/linux.git
synced 2024-11-24 21:21:41 +00:00
ALSA: caiaq - Fix possible string-buffer overflow
Use strlcpy() to assure not to overflow the string array sizes by too long USB device name string. Reported-by: Rafa <rafa@mwrinfosecurity.com> Cc: stable <stable@kernel.org> Signed-off-by: Takashi Iwai <tiwai@suse.de>
This commit is contained in:
parent
5e5677f239
commit
eaae55dac6
@ -785,7 +785,7 @@ int snd_usb_caiaq_audio_init(struct snd_usb_caiaqdev *dev)
|
||||
}
|
||||
|
||||
dev->pcm->private_data = dev;
|
||||
strcpy(dev->pcm->name, dev->product_name);
|
||||
strlcpy(dev->pcm->name, dev->product_name, sizeof(dev->pcm->name));
|
||||
|
||||
memset(dev->sub_playback, 0, sizeof(dev->sub_playback));
|
||||
memset(dev->sub_capture, 0, sizeof(dev->sub_capture));
|
||||
|
@ -136,7 +136,7 @@ int snd_usb_caiaq_midi_init(struct snd_usb_caiaqdev *device)
|
||||
if (ret < 0)
|
||||
return ret;
|
||||
|
||||
strcpy(rmidi->name, device->product_name);
|
||||
strlcpy(rmidi->name, device->product_name, sizeof(rmidi->name));
|
||||
|
||||
rmidi->info_flags = SNDRV_RAWMIDI_INFO_DUPLEX;
|
||||
rmidi->private_data = device;
|
||||
|
Loading…
Reference in New Issue
Block a user