From 440daf786a85f8c1f4959c519811e3d6e10586bc Mon Sep 17 00:00:00 2001 From: Patrick Georgi Date: Sun, 3 Aug 2014 12:14:25 +0200 Subject: [PATCH] ifdtool: Avoid potential buffer overflow Filenames of 4091 bytes or more lead to a buffer overflow. Change-Id: I1b4b3932af096f0fcbfb783ab708ed273d3a844e Found-by: Coverity Scan Signed-off-by: Patrick Georgi Reviewed-on: http://review.coreboot.org/6476 Tested-by: build bot (Jenkins) Reviewed-by: Edward O'Callaghan Reviewed-by: Paul Menzel --- util/ifdtool/ifdtool.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/util/ifdtool/ifdtool.c b/util/ifdtool/ifdtool.c index 0425b1cd49..deef1b1fee 100644 --- a/util/ifdtool/ifdtool.c +++ b/util/ifdtool/ifdtool.c @@ -552,7 +552,8 @@ static void write_image(char *filename, char *image, int size) char new_filename[FILENAME_MAX]; // allow long file names int new_fd; - strncpy(new_filename, filename, FILENAME_MAX); + // - 5: leave room for ".new\0" + strncpy(new_filename, filename, FILENAME_MAX - 5); strncat(new_filename, ".new", FILENAME_MAX - strlen(filename)); printf("Writing new image to %s\n", new_filename);