From 802ad521804b8a9f473780fdff4058dd3f8520c3 Mon Sep 17 00:00:00 2001 From: Patrick Georgi Date: Sat, 9 Aug 2014 17:12:23 +0200 Subject: ifdtool: Provide bounds on string parser While the result will not be pretty (ie. ifdtool will mis-parse string components longer than 255 characters), at least it doesn't overflow stack variables anymore. Change-Id: I263c5cf823a2d8a863dcece7c4ee0b26475f9fc4 Found-by: Coverity Scan Signed-off-by: Patrick Georgi Reviewed-on: http://review.coreboot.org/6562 Reviewed-by: Edward O'Callaghan Tested-by: build bot (Jenkins) --- util/ifdtool/ifdtool.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'util') diff --git a/util/ifdtool/ifdtool.c b/util/ifdtool/ifdtool.c index c4785504d5..625d650a5e 100644 --- a/util/ifdtool/ifdtool.c +++ b/util/ifdtool/ifdtool.c @@ -761,7 +761,7 @@ void new_layout(char *filename, char *image, int size, char *layout_fname) while (!feof(romlayout)) { char *tstr1, *tstr2; - if (2 != fscanf(romlayout, "%s %s\n", tempstr, + if (2 != fscanf(romlayout, "%255s %255s\n", tempstr, layout_region_name)) continue; -- cgit v1.2.3