[coreboot] Patch set updated for coreboot: 2659f65 cbfstool: Prevent file name to be corrupted by basename().

Hung-Te Lin (hungte@chromium.org) gerrit at coreboot.org
Tue Jan 29 17:40:03 CET 2013


Hung-Te Lin (hungte at chromium.org) just uploaded a new patch set to gerrit, which you can find at http://review.coreboot.org/2203

-gerrit

commit 2659f65a67c2d205e9bf08391730d8bcbd2e9963
Author: Hung-Te Lin <hungte at chromium.org>
Date:   Mon Jan 28 23:42:25 2013 +0800

    cbfstool: Prevent file name to be corrupted by basename().
    
    Calling basename(3) may modify content. We should allocate another buffer to
    prevent corrupting input buffer (full file path names).
    
    Change-Id: Ib4827f887542596feef16e7829b00444220b9922
    Signed-off-by: Hung-Te Lin <hungte at chromium.org>
---
 util/cbfstool/common.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/util/cbfstool/common.c b/util/cbfstool/common.c
index 97bf168..137aeb7 100644
--- a/util/cbfstool/common.c
+++ b/util/cbfstool/common.c
@@ -273,11 +273,13 @@ uint64_t intfiletype(const char *name)
 
 void print_cbfs_directory(const char *filename)
 {
+	char *name = strdup(filename);
 	printf
 		("%s: %d kB, bootblocksize %d, romsize %d, offset 0x%x\n"
 		 "alignment: %d bytes, architecture: %s\n\n",
-		 basename((char *)filename), romsize / 1024, ntohl(master_header->bootblocksize),
+		 basename(name), romsize / 1024, ntohl(master_header->bootblocksize),
 		 romsize, ntohl(master_header->offset), align, arch_to_string(arch));
+	free(name);
 	printf("%-30s %-10s %-12s Size\n", "Name", "Offset", "Type");
 	uint32_t current = phys_start;
 	while (current < phys_end) {
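Review bot: the result of `strdup(filename)` on the first added line is passed straight to `basename(name)` without a NULL check, so an allocation failure goes unnoticed and the header line is built from a null pointer instead of the file name. Consider testing `name` right after the `strdup()` and either reporting the error and returning, or falling back to printing `filename` unmodified. Keeping `free(name)` after the `printf` is correct, since `basename()` may return a pointer into the `name` buffer, and it is worth a short comment there so a later cleanup does not move the free above the print.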


