From 98f70c5bf93fca8d5b31b9787f2f1f8258d145e4 Mon Sep 17 00:00:00 2001
From: Brahmaji K
Date: Mon, 24 Apr 2017 13:02:15 +0530
Subject: cryptfs_hw: Fix stack out of bound issue

Add strnlen() instead of strlen() to fix the buffer overflow while processing the password.

Change-Id: I5996bb62980741b7463c8829a43524e79abc4f19
---
 cryptfs_hw.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/cryptfs_hw.c b/cryptfs_hw.c
index ff06c9f..214713c 100755
--- a/cryptfs_hw.c
+++ b/cryptfs_hw.c
@@ -106,7 +106,7 @@ static unsigned char* get_tmp_passwd(const char* passwd)
 tmp_passwd = (unsigned char*)malloc(MAX_PASSWORD_LEN);
 if(tmp_passwd) {
 memset(tmp_passwd, 0, MAX_PASSWORD_LEN);
- passwd_len = (strlen(passwd) > MAX_PASSWORD_LEN) ? MAX_PASSWORD_LEN : strlen(passwd);
+ passwd_len = strnlen(passwd, MAX_PASSWORD_LEN);
 memcpy(tmp_passwd, passwd, passwd_len);
 } else {
 SLOGE("%s: Failed to allocate memory for tmp passwd \n", __func__);
--
cgit v1.2.3
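Review bot: When `passwd` is MAX_PASSWORD_LEN bytes or longer, `strnlen()` returns MAX_PASSWORD_LEN and the following `memcpy()` fills the whole `tmp_passwd` allocation, so the buffer has no NUL terminator and the password is silently truncated. The consumers of the returned buffer are outside this hunk; if any of them treats it as a C string it would read past the allocation, and the bound would then need to be `strnlen(passwd, MAX_PASSWORD_LEN - 1)` (which changes the bytes passed on for maximum-length passwords, so check compatibility first). If the buffer is always consumed as a fixed-width field, say so next to the copy, e.g. `/* tmp_passwd is a zero-padded MAX_PASSWORD_LEN-byte field, not a C string; longer passwords are truncated */`. No NULL check on `passwd` is visible before `strnlen()`; get_tmp_passwd() starts and ends outside the hunk, so confirm the check exists there or in the caller.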