Commit f9cbaeb5 authored by YueHaibing's avatar YueHaibing Committed by Kalle Valo
Browse files

atmel: using strlcpy() to avoid possible buffer overflows 



'firmware' is a module param which may been longer than firmware_id,
so using strlcpy() to guard against overflows. Also priv is allocated
with zeroed memory,no need to set firmware_id[0] to '\0'.

Signed-off-by: default avatarYueHaibing <yuehaibing@huawei.com>
Signed-off-by: default avatarKalle Valo <kvalo@codeaurora.org>
parent 04614fe4

drivers/net/wireless/atmel/atmel.c

+1 −2
Original line number Diff line number Diff line
@@ -1516,10 +1516,9 @@ struct net_device *init_atmel_card(unsigned short irq, unsigned long port, 
	priv->present_callback = card_present;

	priv->card = card;

	priv->firmware = NULL;

	priv->firmware_id[0] = '\0';

	priv->firmware_type = fw_type;

	if (firmware) /* module parameter */

		strcpy(priv->firmware_id, firmware);

		strlcpy(priv->firmware_id, firmware, sizeof(priv->firmware_id));

	priv->bus_type = card_present ? BUS_TYPE_PCCARD : BUS_TYPE_PCI;

	priv->station_state = STATION_STATE_DOWN;

	priv->do_rx_crc = 0;

CRA Git | Maintained and supported by SUSTech CRA and CCSE