summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorBrahmaji K <bkomma@codeaurora.org>2017-04-24 07:32:15 (GMT)
committerBruno Martins <bgcngm@gmail.com>2017-06-02 11:53:47 (GMT)
commit98f70c5bf93fca8d5b31b9787f2f1f8258d145e4 (patch)
tree7010957cf723ebf464a527bb015039367577fc5d
parent85b5399df1b081000a0982e6e1234523ca9abf9e (diff)
downloadandroid_vendor_qcom_opensource_cryptfs_hw-cm-13.0.zip
android_vendor_qcom_opensource_cryptfs_hw-cm-13.0.tar.gz
android_vendor_qcom_opensource_cryptfs_hw-cm-13.0.tar.bz2
Add strnlen() instead of strlen() to fix the buffer overflow while processing the password. Change-Id: I5996bb62980741b7463c8829a43524e79abc4f19
-rwxr-xr-xcryptfs_hw.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/cryptfs_hw.c b/cryptfs_hw.c
index ff06c9f..214713c 100755
--- a/cryptfs_hw.c
+++ b/cryptfs_hw.c
@@ -106,7 +106,7 @@ static unsigned char* get_tmp_passwd(const char* passwd)
tmp_passwd = (unsigned char*)malloc(MAX_PASSWORD_LEN);
if(tmp_passwd) {
memset(tmp_passwd, 0, MAX_PASSWORD_LEN);
- passwd_len = (strlen(passwd) > MAX_PASSWORD_LEN) ? MAX_PASSWORD_LEN : strlen(passwd);
+ passwd_len = strnlen(passwd, MAX_PASSWORD_LEN);
memcpy(tmp_passwd, passwd, passwd_len);
} else {
SLOGE("%s: Failed to allocate memory for tmp passwd \n", __func__);