On Wed, May 07, 2025 at 08:05:33PM +0900, Hideki Yamane wrote:
Hi,
On Tue, 29 Apr 2025 18:44:18 +0200 Greg Kroah-Hartman gregkh@linuxfoundation.org wrote:
6.1-stable review patch. If anyone has any objections, please let me know.
From: Sergey Shtylyov s.shtylyov@omp.ru
commit cf7385cb26ac4f0ee6c7385960525ad534323252 upstream.
In of_modalias(), if the buffer happens to be too small even for the 1st snprintf() call, the len parameter will become negative and str parameter (if not NULL initially) will point beyond the buffer's end. Add the buffer overflow check after the 1st snprintf() call and fix such check after the strlen() call (accounting for the terminating NUL char).
Thank you for catching this and push it to 6.1.y branch.
And it seems that other older stable branches - linux-5.4.y, linux-5.10.y and linux-5.15.y can be updated with cherry-picking 5d59fd637a8af42b211a92b2edb2474325b4d488
Could you also review and apply it if it is okay, please?
It does not apply there cleanly, please submit tested patches against those branches if you wish to have it applied there.
thanks,
greg k-h