cbfstool: Make use of spurious null-termination
The null-termination of `filetypes` was added after the code was
written, obviously resulting in NULL dereferences. As some more
code has grown around the termination, it's hard to revert the
regression, so let's update the code that still used the array
length.
This fixes commit 7f5f9331d1
(util/cbfstool: fix buffer over-read)
which actually did fix something, but only one path while it broke
two others. We should be careful with fixes, they can always break
something else. Especially when a dumb tool triggered the patching
it seems likely that fewer people looked into related code.
Change-Id: If2ece1f5ad62952ed2e57769702e318ba5468f0c
Signed-off-by: Nico Huber <nico.huber@secunet.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/55763
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
This commit is contained in:
parent
cd85aac434
commit
f22f408956
|
@ -168,10 +168,10 @@ void print_supported_architectures(void)
|
|||
|
||||
void print_supported_filetypes(void)
|
||||
{
|
||||
int i, number = ARRAY_SIZE(filetypes);
|
||||
int i;
|
||||
|
||||
for (i=0; i<number; i++) {
|
||||
printf(" %s%c", filetypes[i].name, (i==(number-1))?'\n':',');
|
||||
for (i=0; filetypes[i].name; i++) {
|
||||
printf(" %s%c", filetypes[i].name, filetypes[i + 1].name ? ',' : '\n');
|
||||
if ((i%8) == 7)
|
||||
printf("\n");
|
||||
}
|
||||
|
@ -180,7 +180,7 @@ void print_supported_filetypes(void)
|
|||
uint64_t intfiletype(const char *name)
|
||||
{
|
||||
size_t i;
|
||||
for (i = 0; i < (sizeof(filetypes) / sizeof(struct typedesc_t)); i++)
|
||||
for (i = 0; filetypes[i].name; i++)
|
||||
if (strcmp(filetypes[i].name, name) == 0)
|
||||
return filetypes[i].type;
|
||||
return -1;
|
||||
|
|
Loading…
Reference in New Issue