[SLOF] [PATCH 4/5] Rework wrapper for new_nvram_partition() and fix possible bug in there

[Thomas Huth]

The wrapper for new_nvram_partition() is using a 12 bytes buffer to
create a zero-terminated string. However, if the string has exactly
12 characters, the final NUL-terminator is missing. new_nvram_partition()
then calls create_nvram_partition() internally which depends on proper
NUL-terminated strings. So fix this by making sure that the copied
string is always NUL-terminated - and while we're at it, also move
the copy code out of libnvram.code to save some precious bytes in the
stack space of the engine() function.

Signed-off-by: Thomas Huth <thuth at redhat.com>
---
 lib/libnvram/libnvram.code | 17 +++++------------
 lib/libnvram/nvram.c       | 16 ++++++++++++++++
 lib/libnvram/nvram.h       |  1 +
 3 files changed, 22 insertions(+), 12 deletions(-)

diff --git a/lib/libnvram/libnvram.code b/lib/libnvram/libnvram.code
index 6d6d06a..23e6a5f 100644
--- a/lib/libnvram/libnvram.code
+++ b/lib/libnvram/libnvram.code
@@ -89,23 +89,16 @@ MIRP
 
 /* new-nvram-partition ( type name.addr name.len len -- part.offs part.len FALSE | TRUE) */
 PRIM(new_X2d_nvram_X2d_partition)
-	int type, len, i, slen;
-	char name[12], *addr;
+	int type, len, namelen;
 	partition_t partition;
+	char *name;
 
 	len = TOS.u; POP;
-	slen = TOS.u; POP;
-	addr = (char *)TOS.u; POP;
+	namelen = TOS.u; POP;
+	name = (char *)TOS.u; POP;
 	type = TOS.u; POP;
 
-	for (i=0; i<12; i++) {
-		if(slen>i)
-			name[i]=addr[i];
-		else
-			name[i]=0;
-	}
-
-	partition=new_nvram_partition(type, name, len);
+	partition = new_nvram_partition_fs(type, name, namelen, len);
 
 	if(!partition.len) {
 		PUSH; TOS.u = -1; // TRUE
diff --git a/lib/libnvram/nvram.c b/lib/libnvram/nvram.c
index 12251e3..b69465f 100644
--- a/lib/libnvram/nvram.c
+++ b/lib/libnvram/nvram.c
@@ -476,6 +476,22 @@ partition_t new_nvram_partition(int type, char *name, int len)
 	return new_part;
 }
 
+partition_t new_nvram_partition_fs(int type, char *name, int namelen, int len)
+{
+	char buf[13];
+	int i;
+
+	for (i = 0; i < 12; i++) {
+		if (i < namelen)
+			buf[i] = name[i];
+		else
+			buf[i] = 0;
+	}
+	buf[12] = 0;
+
+	return new_nvram_partition(type, buf, len);
+}
+
 /**
  * @param partition   partition structure pointing to the partition to wipe.
  */
diff --git a/lib/libnvram/nvram.h b/lib/libnvram/nvram.h
index a1f3e67..44ebd79 100644
--- a/lib/libnvram/nvram.h
+++ b/lib/libnvram/nvram.h
@@ -55,6 +55,7 @@ partition_t get_partition_fs(unsigned int type, char *name, int namelen);
 void erase_nvram(int offset, int len);
 int wipe_partition(partition_t partition, int header_only);
 partition_t new_nvram_partition(int type, char *name, int len);
+partition_t new_nvram_partition_fs(int type, char *name, int namelen, int len);
 int increase_nvram_partition_size(partition_t partition, int newsize);
 int clear_nvram_partition(partition_t part);
 int delete_nvram_partition(partition_t part);
-- 
1.8.3.1