diff options
author | Jin Qian <jinqian@google.com> | 2017-11-08 14:54:01 -0800 |
---|---|---|
committer | Jin Qian <jinqian@google.com> | 2017-11-08 15:35:07 -0800 |
commit | 41763978fa0b72f58b3ddadca671d7634d67f3ad (patch) | |
tree | 38644fefb8b14a389b2a8259de9f9e9f97f5d55a /ext4_utils | |
parent | 9e4ad1520e1b18dad53157d4033c6bac8de7fb9c (diff) | |
download | extras-41763978fa0b72f58b3ddadca671d7634d67f3ad.tar.gz |
Fix buffer overflow in blk_alloc_to_base_fs
Bug: 68988643
Change-Id: I6a81c8197780430a9e5816181a81fe7bafc3e47f
Diffstat (limited to 'ext4_utils')
-rw-r--r-- | ext4_utils/blk_alloc_to_base_fs.c | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/ext4_utils/blk_alloc_to_base_fs.c b/ext4_utils/blk_alloc_to_base_fs.c index 1761fda5..877daea7 100644 --- a/ext4_utils/blk_alloc_to_base_fs.c +++ b/ext4_utils/blk_alloc_to_base_fs.c @@ -19,10 +19,16 @@ #include <stdio.h> #include <stdlib.h> #include <string.h> +#include <sys/cdefs.h> #define MAX_PATH 4096 #define MAX_FILE_VERSION 100 +#ifndef __STRING +#define __STRING(x) #x +#endif +#define ___STRING(x) __STRING(x) + static void usage(char *filename) { fprintf(stderr, "Usage: %s input_blk_alloc_file output_base_fs_file \n", filename); @@ -31,7 +37,7 @@ static void usage(char *filename) int main(int argc, char **argv) { FILE *blk_alloc_file = NULL, *base_fs_file = NULL; - char filename[MAX_PATH], file_version[MAX_FILE_VERSION], *spaced_allocs = NULL; + char filename[MAX_PATH+1], file_version[MAX_FILE_VERSION+1], *spaced_allocs = NULL; size_t spaced_allocs_len = 0; if (argc != 3) { @@ -48,7 +54,7 @@ int main(int argc, char **argv) fprintf(stderr, "failed to open %s: %s\n", argv[2], strerror(errno)); exit(EXIT_FAILURE); } - if (fscanf(blk_alloc_file, "Base EXT4 version %s", file_version) > 0) { + if (fscanf(blk_alloc_file, "Base EXT4 version %" ___STRING(MAX_FILE_VERSION) "s", file_version) > 0) { char c; printf("%s is already in *.base_fs format, just copying into %s...\n", argv[1], argv[2]); rewind(blk_alloc_file); @@ -61,7 +67,7 @@ int main(int argc, char **argv) rewind(blk_alloc_file); } fprintf(base_fs_file, "Base EXT4 version 1.0\n"); - while(fscanf(blk_alloc_file, "%s ", filename) != EOF) { + while(fscanf(blk_alloc_file, "%" ___STRING(MAX_PATH) "s ", filename) != EOF) { int i; fprintf(base_fs_file, "%s ", filename); if (getline(&spaced_allocs, &spaced_allocs_len, blk_alloc_file) == -1) { |