summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMichael van der Westhuizen <michael@smart-africa.com>2014-05-20 15:58:58 +0200
committerTom Rini <trini@ti.com>2014-06-05 14:44:56 -0400
commit64375014c499528d9df5ee37f78844823a9d21f2 (patch)
tree15cf1e98e94e488c8948d7939aa402be97b27fee
parent25308f45e11527cbfc7ff6d9dced7800e4b976e4 (diff)
downloadu-boot-imx-64375014c499528d9df5ee37f78844823a9d21f2.zip
u-boot-imx-64375014c499528d9df5ee37f78844823a9d21f2.tar.gz
u-boot-imx-64375014c499528d9df5ee37f78844823a9d21f2.tar.bz2
Prevent a stack overflow in fit_check_sign
It is trivial to crash fit_check_sign by invoking with an absolute path in a deeply nested directory. This is exposed by vboot_test.sh. Signed-off-by: Michael van der Westhuizen <michael@smart-africa.com> Acked-by: Simon Glass <sjg@chromium.org>
-rw-r--r--tools/fit_check_sign.c5
1 files changed, 3 insertions, 2 deletions
diff --git a/tools/fit_check_sign.c b/tools/fit_check_sign.c
index d6d9340..817773d 100644
--- a/tools/fit_check_sign.c
+++ b/tools/fit_check_sign.c
@@ -42,12 +42,13 @@ int main(int argc, char **argv)
void *fit_blob;
char *fdtfile = NULL;
char *keyfile = NULL;
- char cmdname[50];
+ char cmdname[256];
int ret;
void *key_blob;
int c;
- strcpy(cmdname, *argv);
+ strncpy(cmdname, *argv, sizeof(cmdname) - 1);
+ cmdname[sizeof(cmdname) - 1] = '\0';
while ((c = getopt(argc, argv, "f:k:")) != -1)
switch (c) {
case 'f':