Prevented potential string overruns. Thanks Eliska Svobodova.

This commit is contained in:
Thomas Schmitt 2019-08-14 16:18:48 +02:00
parent 3eba8cc921
commit 06346c1e98
2 changed files with 11 additions and 1 deletions

View File

@ -847,6 +847,14 @@ treatment_patch:;
xorriso->boot_efi_default= 0; xorriso->boot_efi_default= 0;
} else if(strncmp(treatpt, "bin_path=", 9) == 0) { } else if(strncmp(treatpt, "bin_path=", 9) == 0) {
if(strncmp(treatpt + 9, "--interval:appended_partition_", 30) == 0) { if(strncmp(treatpt + 9, "--interval:appended_partition_", 30) == 0) {
if(strlen(treatpt + 9) >= sizeof(xorriso->boot_image_bin_path)) {
interval_text_long:;
sprintf(xorriso->info_text,
"-boot_image: --interval text is much too long (%d)",
(int) strlen(treatpt + 9));
Xorriso_msgs_submit(xorriso, 0, xorriso->info_text, 0, "FAILURE", 0);
ret= 0; goto ex;
}
strcpy(xorriso->boot_image_bin_path, treatpt + 9); strcpy(xorriso->boot_image_bin_path, treatpt + 9);
} else { } else {
ret= Xorriso_normalize_img_path(xorriso, xorriso->wdi, treatpt + 9, ret= Xorriso_normalize_img_path(xorriso, xorriso->wdi, treatpt + 9,
@ -871,6 +879,8 @@ treatment_patch:;
xorriso->boot_efi_default= 0; xorriso->boot_efi_default= 0;
} else if(strncmp(treatpt, "efi_path=", 9) == 0) { } else if(strncmp(treatpt, "efi_path=", 9) == 0) {
if(strncmp(treatpt + 9, "--interval:appended_partition_", 30) == 0) { if(strncmp(treatpt + 9, "--interval:appended_partition_", 30) == 0) {
if(strlen(treatpt + 9) >= sizeof(xorriso->boot_image_bin_path))
goto interval_text_long;
strcpy(xorriso->boot_image_bin_path, treatpt + 9); strcpy(xorriso->boot_image_bin_path, treatpt + 9);
} else { } else {
ret= Xorriso_normalize_img_path(xorriso, xorriso->wdi, treatpt + 9, ret= Xorriso_normalize_img_path(xorriso, xorriso->wdi, treatpt + 9,

View File

@ -1 +1 @@
#define Xorriso_timestamP "2019.08.14.094038" #define Xorriso_timestamP "2019.08.14.141748"