Re: [PATCH rtems-tools] rtems-bin2c.c: Check length of buffer to be copied

Chris Johns Mon, 27 Sep 2021 17:40:53 -0700

On 28/9/21 7:28 am, Ryan Long wrote:
>  CID 1063892: Copy into fixed size buffer in process().
> 
> Closes #4424
> ---
>  misc/bin2c/rtems-bin2c.c | 9 +++++++++
>  1 file changed, 9 insertions(+)
> 
> diff --git a/misc/bin2c/rtems-bin2c.c b/misc/bin2c/rtems-bin2c.c
> index 8e32d25..1668063 100644
> --- a/misc/bin2c/rtems-bin2c.c
> +++ b/misc/bin2c/rtems-bin2c.c
> @@ -141,6 +141,15 @@ void process(const char *ifname, const char *ofname, 
> const char *forced_name)
>    char *ifbasename;
>    ifbasename = basename(ifbasename_to_free);
>  
> +  /* Ensure length of ifbasename is shorter than length of buf */
> +  if (strlen(ifbasename) > PATH_MAX+1) {
> +    fprintf(stderr, "not enough room to copy");


Can this please be `error: not enough room to copy` and then copy what?

Thanks
Chris

> +    fclose(ifile);
> +    if ( createC ) { fclose(ocfile); }
> +    if ( createH ) { fclose(ohfile); }
> +    exit(1);
> +  }
> +
>    strcpy(buf, ifbasename);
>    sanitize_file_name(buf);
>  
> 
_______________________________________________
devel mailing list
devel@rtems.org
http://lists.rtems.org/mailman/listinfo/devel

Re: [PATCH rtems-tools] rtems-bin2c.c: Check length of buffer to be copied

Reply via email to