Prevent a stack overflow in fit_check_sign
It is trivial to crash fit_check_sign by invoking with an absolute path in a deeply nested directory. This is exposed by vboot_test.sh. Signed-off-by: Michael van der Westhuizen <michael@smart-africa.com> Acked-by: Simon Glass <sjg@chromium.org>
This commit is contained in:
parent
25308f45e1
commit
64375014c4
@ -42,12 +42,13 @@ int main(int argc, char **argv)
|
||||
void *fit_blob;
|
||||
char *fdtfile = NULL;
|
||||
char *keyfile = NULL;
|
||||
char cmdname[50];
|
||||
char cmdname[256];
|
||||
int ret;
|
||||
void *key_blob;
|
||||
int c;
|
||||
|
||||
strcpy(cmdname, *argv);
|
||||
strncpy(cmdname, *argv, sizeof(cmdname) - 1);
|
||||
cmdname[sizeof(cmdname) - 1] = '\0';
|
||||
while ((c = getopt(argc, argv, "f:k:")) != -1)
|
||||
switch (c) {
|
||||
case 'f':
|
||||
|
Loading…
Reference in New Issue
Block a user