ACK: [PATCH] acpi: fix incorrect method of finding string size
Alex Hung
alex.hung at canonical.com
Thu Jan 14 19:58:26 UTC 2021
On 2021-01-14 7:02 a.m., Colin King wrote:
> From: Colin Ian King <colin.king at canonical.com>
>
> Using strlen on the uninitialized string must_be_id, can lead to
> a buffer overrun because the string is potentially uninitialized.
> Fix this by using sizeof() instead of strlen() to determine the
> string length.
>
> Addresses-Coverity: ("Uninitialized scalar variable")
> Fixes: ffea02df09d3 ("acpi: add fwts_acpi_space_id_check to check GAS adrress space ids")
> Signed-off-by: Colin Ian King <colin.king at canonical.com>
> ---
> src/lib/src/fwts_acpi_tables.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/src/lib/src/fwts_acpi_tables.c b/src/lib/src/fwts_acpi_tables.c
> index d88d31e4..628334d7 100644
> --- a/src/lib/src/fwts_acpi_tables.c
> +++ b/src/lib/src/fwts_acpi_tables.c
> @@ -1664,7 +1664,7 @@ void fwts_acpi_space_id_check(
>
> strncpy(label, table, 4); /* ACPI table name is 4 char long */
> strncpy(label + 4, "BadAddressSpaceId", sizeof(label) - 4);
> - memset(must_be_id, 0, strlen(must_be_id));
> + memset(must_be_id, 0, sizeof(must_be_id));
>
> va_start(ap, num_type);
> for (i = 0; i < num_type; i++) {
>
Acked-by: Alex Hung <alex.hung at canonical.com>
More information about the fwts-devel
mailing list