Skip to content
Snippets Groups Projects
Commit 64375014 authored by Michael van der Westhuizen's avatar Michael van der Westhuizen Committed by Tom Rini
Browse files

Prevent a stack overflow in fit_check_sign 


It is trivial to crash fit_check_sign by invoking with an
absolute path in a deeply nested directory.  This is exposed
by vboot_test.sh.

Signed-off-by: default avatarMichael van der Westhuizen <michael@smart-africa.com>
Acked-by: default avatarSimon Glass <sjg@chromium.org>
parent 25308f45
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 3 additions and 2 deletions
tools/fit_check_sign.c
+ 3
2
View file @ 64375014
...@@ -42,12 +42,13 @@ int main(int argc, char **argv) ...@@ -42,12 +42,13 @@ int main(int argc, char **argv)
void *fit_blob; void *fit_blob;
char *fdtfile = NULL; char *fdtfile = NULL;
char *keyfile = NULL; char *keyfile = NULL;
char cmdname[50]; char cmdname[256];
int ret; int ret;
void *key_blob; void *key_blob;
int c; int c;
strcpy(cmdname, *argv); strncpy(cmdname, *argv, sizeof(cmdname) - 1);
cmdname[sizeof(cmdname) - 1] = '\0';
while ((c = getopt(argc, argv, "f:k:")) != -1) while ((c = getopt(argc, argv, "f:k:")) != -1)
switch (c) { switch (c) {
case 'f': case 'f':
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment