From 9c1f2be2fc896fdc036c4ca6ba235354bcf33bd5 Mon Sep 17 00:00:00 2001
From: wangyipeng <wangyipeng11@huawei.com>
Date: Thu, 17 Nov 2022 14:22:16 +0800
Subject: [PATCH] usb:gadget:f_generic:Clear code alarm

Check the name length to avoid memory overflow in copying, and ensure that the buffer used for string operations has enough space to hold character data and terminators

Signed-off-by: wangyipeng <wangyipeng11@huawei.com>
---
 drivers/usb/gadget/function/f_generic.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/drivers/usb/gadget/function/f_generic.c b/drivers/usb/gadget/function/f_generic.c
index b361f64c2b7d..6da877cbfe9b 100644
--- a/drivers/usb/gadget/function/f_generic.c
+++ b/drivers/usb/gadget/function/f_generic.c
@@ -1472,6 +1472,9 @@ static long usbfn_ioctl(struct file *file, unsigned int cmd, unsigned long value
                 return (-ENOMEM);
             }
 
+            if (newfn.nameLen > MAX_NAMELEN) {
+                return -EPERM;
+            }
             memcpy(ffs->dev_name, newfn.name, newfn.nameLen);
             
             if (unlikely(!ffs->dev_name)) {
-- 
Gitee