[PATCH] acpi: fix incorrect method of finding string size
Colin King
colin.king at canonical.com
Thu Jan 14 14:02:38 UTC 2021
From: Colin Ian King <colin.king at canonical.com>
Using strlen on the uninitialized string must_be_id, can lead to
a buffer overrun because the string is potentially uninitialized.
Fix this by using sizeof() instead of strlen() to determine the
string length.
Addresses-Coverity: ("Uninitialized scalar variable")
Fixes: ffea02df09d3 ("acpi: add fwts_acpi_space_id_check to check GAS adrress space ids")
Signed-off-by: Colin Ian King <colin.king at canonical.com>
---
src/lib/src/fwts_acpi_tables.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/lib/src/fwts_acpi_tables.c b/src/lib/src/fwts_acpi_tables.c
index d88d31e4..628334d7 100644
--- a/src/lib/src/fwts_acpi_tables.c
+++ b/src/lib/src/fwts_acpi_tables.c
@@ -1664,7 +1664,7 @@ void fwts_acpi_space_id_check(
strncpy(label, table, 4); /* ACPI table name is 4 char long */
strncpy(label + 4, "BadAddressSpaceId", sizeof(label) - 4);
- memset(must_be_id, 0, strlen(must_be_id));
+ memset(must_be_id, 0, sizeof(must_be_id));
va_start(ap, num_type);
for (i = 0; i < num_type; i++) {
--
2.29.2
More information about the fwts-devel
mailing list