mirror of
https://git.yoctoproject.org/poky
synced 2026-05-01 06:32:11 +02:00
4eb5af2d8a
ignore changes to FILE_RCSID part. (From OE-Core rev: 20b5ead99d4904e70ea22f573bfefec8c6e862a2) Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
36 lines
1.1 KiB
Diff
36 lines
1.1 KiB
Diff
CVE: CVE-2022-48554
|
|
Upstream-Status: Backport [ https://github.com/file/file/commit/497aabb29cd08d2a5aeb63e45798d65fcbe03502 ]
|
|
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
|
|
|
|
From 497aabb29cd08d2a5aeb63e45798d65fcbe03502 Mon Sep 17 00:00:00 2001
|
|
From: Christos Zoulas <christos@zoulas.com>
|
|
Date: Mon, 14 Feb 2022 16:26:10 +0000
|
|
Subject: [PATCH] PR/310: p870613: Don't use strlcpy to copy the string, it
|
|
will try to scan the source string to find out how much space is needed the
|
|
source string might not be NUL terminated.
|
|
|
|
---
|
|
src/funcs.c | 11 +++++++----
|
|
1 file changed, 6 insertions(+), 3 deletions(-)
|
|
|
|
diff --git a/src/funcs.c b/src/funcs.c
|
|
index 89e1da597..dcfd352d2 100644
|
|
--- a/src/funcs.c
|
|
+++ b/src/funcs.c
|
|
@@ -54,9 +54,12 @@ FILE_RCSID("@(#)$File: funcs.c,v 1.124 2022/01/10 14:15:08 christos Exp $")
|
|
protected char *
|
|
file_copystr(char *buf, size_t blen, size_t width, const char *str)
|
|
{
|
|
- if (++width > blen)
|
|
- width = blen;
|
|
- strlcpy(buf, str, width);
|
|
+ if (blen == 0)
|
|
+ return buf;
|
|
+ if (width >= blen)
|
|
+ width = blen - 1;
|
|
+ memcpy(buf, str, width);
|
|
+ buf[width] = '\0';
|
|
return buf;
|
|
}
|
|
|