From: Alexander Aring <aahringo@redhat.com>
Date: Fri, 12 Nov 2021 15:08:01 +0000 (-0500)
Subject: fs: dlm: fix potential buffer overflow
X-Git-Url: http://git.maquefel.me/?a=commitdiff_plain;h=6a628fa43810f861da50c593c69f2ead1c829231;p=linux.git

fs: dlm: fix potential buffer overflow

This patch fixes an potential overflow in sscanf and the maximum
declared string parsing length which seems to be excluding the null
termination symbol. This patch will just add one byte to be prepared on
a string with length of DLM_RESNAME_MAXLEN including the null
termination symbol.

Fixes: 5054e79de999 ("fs: dlm: add lkb debugfs functionality")
Reported-by: kernel test robot <lkp@intel.com>
Signed-off-by: Alexander Aring <aahringo@redhat.com>
Signed-off-by: David Teigland <teigland@redhat.com>
---

diff --git a/fs/dlm/debug_fs.c b/fs/dlm/debug_fs.c
index df6f3f107be4f..8fb04ebbafb5d 100644
--- a/fs/dlm/debug_fs.c
+++ b/fs/dlm/debug_fs.c
@@ -640,7 +640,7 @@ static ssize_t table_write2(struct file *file, const char __user *user_buf,
 {
 	struct seq_file *seq = file->private_data;
 	int n, len, lkb_nodeid, lkb_status, error;
-	char name[DLM_RESNAME_MAXLEN] = {};
+	char name[DLM_RESNAME_MAXLEN + 1] = {};
 	struct dlm_ls *ls = seq->private;
 	unsigned int lkb_flags;
 	char buf[256] = {};