mkimage: fit: check cmd string for buffer overflow #11

Ham22 · 2016-11-04T14:51:04Z

When generating the command to create the fit image the inputs are
file paths which can overflow the buffer. snprintf was being used to
avoid the overflow itself but nothing actually checks if a
truncation occured giving unexpected filenames causing following
stages to fail.

Therefore add some checks before attempting to run the command.

Additionally have bumped up the size of the buffer as the current
inputs can easily get truncated with long paths.

Signed-off-by: Ian Pozella [email protected]

When generating the command to create the fit image the inputs are file paths which can overflow the buffer. snprintf was being used to avoid the overflow itself but nothing actually checks if a truncation occured giving unexpected filenames causing following stages to fail. Therefore add some checks before attempting to run the command. Additionally have bumped up the size of the buffer as the current inputs can easily get truncated with long paths. Signed-off-by: Ian Pozella <[email protected]>

Ham22 added the s: review label Nov 4, 2016

mtusnio approved these changes Nov 4, 2016

View reviewed changes

Shpinkso approved these changes Nov 4, 2016

View reviewed changes

Shpinkso merged commit 64e4021 into CreatorDev:2015.10 Nov 4, 2016

Shpinkso removed the s: review label Nov 4, 2016

Ham22 deleted the mkimage branch November 4, 2016 15:18

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

mkimage: fit: check cmd string for buffer overflow #11

mkimage: fit: check cmd string for buffer overflow #11

Uh oh!

Ham22 commented Nov 4, 2016

Uh oh!

Uh oh!

mkimage: fit: check cmd string for buffer overflow #11

mkimage: fit: check cmd string for buffer overflow #11

Uh oh!

Conversation

Ham22 commented Nov 4, 2016

Uh oh!

Uh oh!