[PATCH] mtd: clamp ubi name strings

Dmitry V. Levin ldv at altlinux.org
Sun May 5 09:20:16 UTC 2013


On Sun, May 05, 2013 at 01:21:54AM -0400, Mike Frysinger wrote:
> Since the length fields with the ubi volnames are signed 16bit values,
> make sure we clamp that number to the size of the buffer we've allocated
> on the stack to prevent buffer overflows.
> 
> * mtd.c (ubi_ioctl): Clamp length to string_quote to 0/UBI_MAX_VOLUME_NAME.
> Check the return of string_quote and tweak the output accordingly.

Applied, thanks.


-- 
ldv
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <http://lists.strace.io/pipermail/strace-devel/attachments/20130505/a701cb74/attachment.bin>


More information about the Strace-devel mailing list