[Skiboot] [PATCH] [console] Fix possible buffer overflow
Ananth N Mavinakayanahalli
ananth at in.ibm.com
Wed Jun 17 01:50:20 AEST 2015
NULL terminate and truncate size of copy into char buffer to the right size.
Signed-off-by: Ananth N Mavinakayanahalli <ananth at in.ibm.com>
---
hw/fsp/fsp-console.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/hw/fsp/fsp-console.c b/hw/fsp/fsp-console.c
index c1195f2..2a25e1c 100644
--- a/hw/fsp/fsp-console.c
+++ b/hw/fsp/fsp-console.c
@@ -511,7 +511,8 @@ static void fsp_serial_add(int index, u16 rsrc_id, const char *loc_code,
}
ser->rsrc_id = rsrc_id;
- strncpy(ser->loc_code, loc_code, LOC_CODE_SIZE);
+ memset(ser->loc_code, 0x00, LOC_CODE_SIZE);
+ strncpy(ser->loc_code, loc_code, LOC_CODE_SIZE - 1);
ser->available = true;
ser->log_port = log_port;
unlock(&fsp_con_lock);
More information about the Skiboot
mailing list