The battery manufacturer string was incorrectly null terminated using
bat_model instead of bat_manu. This could result in an unintended
write to the wrong field and potentially incorrect behavior.

fixe the issue by correctly null terminating the bat_manu string.

Fixes: 32890b983086 ("Staging: initial version of the nvec driver")
Signed-off-by: Alok Tiwari <alok.a.tiwari@oracle.com>
---
 drivers/staging/nvec/nvec_power.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/staging/nvec/nvec_power.c b/drivers/staging/nvec/nvec_power.c
index e0e67a3eb7222..2faab9fdedef7 100644
--- a/drivers/staging/nvec/nvec_power.c
+++ b/drivers/staging/nvec/nvec_power.c
@@ -194,7 +194,7 @@ static int nvec_power_bat_notifier(struct notifier_block *nb,
 		break;
 	case MANUFACTURER:
 		memcpy(power->bat_manu, &res->plc, res->length - 2);
-		power->bat_model[res->length - 2] = '\0';
+		power->bat_manu[res->length - 2] = '\0';
 		break;
 	case MODEL:
 		memcpy(power->bat_model, &res->plc, res->length - 2);
-- 
2.46.0

On Sat, Jul 19, 2025 at 01:07:42AM -0700, Alok Tiwari wrote:
> The battery manufacturer string was incorrectly null terminated using
> bat_model instead of bat_manu. This could result in an unintended
> write to the wrong field and potentially incorrect behavior.
> 
> fixe the issue by correctly null terminating the bat_manu string.
> 
> Fixes: 32890b983086 ("Staging: initial version of the nvec driver")
> Signed-off-by: Alok Tiwari <alok.a.tiwari@oracle.com>
> ---

Nice.  How did you find this copy and paste bug?  I guess we could write
a static checker rule that if you do a copy followed by setting a NUL
terminator, they have to be the same string buffer.

KTODO: detect copy and paste bugs setting the NUL terminator

Reviewed-by: Dan Carpenter <dan.carpenter@linaro.org>

regards,
dan capenter