[lvc-project] [PATCH] platform/x86: dell-wmi-sysman: Avoid buffer overflow in current_password_store()
Ilpo Järvinen
ilpo.jarvinen at linux.intel.com
Thu May 15 14:52:27 MSK 2025
On Wed, 14 May 2025 12:12:55 +0000, Vladimir Moskovkin wrote:
> If the 'buf' array received from the user contains an empty string, the
> 'length' variable will be zero. Accessing the 'buf' array element with
> index 'length - 1' will result in a buffer overflow.
>
> Add a check for an empty string.
>
> Found by Linux Verification Center (linuxtesting.org) with SVACE.
>
> [...]
Thank you for your contribution, it has been applied to my local
review-ilpo-fixes branch. Note it will show up in the public
platform-drivers-x86/review-ilpo-fixes branch only once I've pushed my
local branch there, which might take a while.
The list of commits applied:
[1/1] platform/x86: dell-wmi-sysman: Avoid buffer overflow in current_password_store()
commit: 4e89a4077490f52cde652d17e32519b666abf3a6
--
i.
More information about the lvc-project
mailing list