Commit 64375014c499528d9df5ee37f78844823a9d21f2
Committed by
Tom Rini
1 parent
25308f45e1
Prevent a stack overflow in fit_check_sign
It is trivial to crash fit_check_sign by invoking with an absolute path in a deeply nested directory. This is exposed by vboot_test.sh. Signed-off-by: Michael van der Westhuizen <michael@smart-africa.com> Acked-by: Simon Glass <sjg@chromium.org>
Showing 1 changed file with 3 additions and 2 deletions Side-by-side Diff
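--- a/tools/fit_check_sign.c
+++ b/tools/fit_check_sign.c
@@ -42,12 +42,13 @@
 void *fit_blob;
 char *fdtfile = NULL;
 char *keyfile = NULL;
-char cmdname[50];
+char cmdname[256];
 int ret;
 void *key_blob;
 int c;
 
-strcpy(cmdname, *argv);
+strncpy(cmdname, *argv, sizeof(cmdname) - 1);
+cmdname[sizeof(cmdname) - 1] = '\0';
 while ((c = getopt(argc, argv, "f:k:")) != -1)
 switch (c) {
 case 'f':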
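Review bot: The bounded copy into `cmdname` now truncates silently: a program path longer than 255 bytes is cut with no indication, and 256 is as arbitrary a limit as the 50 it replaces. The strings in `argv` stay valid for the whole run, so `const char *cmdname = *argv;` would remove both the buffer and the bound, provided nothing later writes into cmdname; its uses, like the start and end of the enclosing function, are outside this hunk. If a writable copy is required, `snprintf(cmdname, sizeof(cmdname), "%s", *argv);` bounds and terminates in one call. In either form `*argv` is read without an `argc > 0` check, so an empty argument vector would hand NULL to the copy; a guard before this line would close that case.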