sparc: fix ldom_reboot buffer overflow harder
commit20928bd3f08afb036c096d9559d581926b895918
authorKees Cook <keescook@chromium.org>
Wed, 2 Oct 2013 05:13:34 +0000 (1 22:13 -0700)
committerDavid S. Miller <davem@davemloft.net>
Thu, 3 Oct 2013 00:01:56 +0000 (2 20:01 -0400)
tree08bcf584e90c96224052645497e87c38d3083949
parentc31eeaced22ce8bd61268a3c595d542bb38c0a4f
sparc: fix ldom_reboot buffer overflow harder

The length argument to strlcpy was still wrong. It could overflow the end of
full_boot_str by 5 bytes. Instead of strcat and strlcpy, just use snprint.

Reported-by: Brad Spengler <spender@grsecurity.net>
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
arch/sparc/kernel/ds.c