rpms / fwupd

Clone
Source Code
GIT

Blame SOURCES/0009-trivial-Fix-a-buffer-overread-spotted-by-AddressSani.patch

c7 c7-alt c7-beta c8 c8-beta c8s c9 c9-beta
  1.   c5a379d00689497bb626cc691dc0ab32d00d8881
  2.   SOURCES
  3.   0009-trivial-Fix-a-buffer-overread-spotted-by-AddressSani.patch
Blob History Raw
c5a379 
From b743836b16c64e2d726f85113cd4ab6f18ed4df0 Mon Sep 17 00:00:00 2001
c5a379 
From: Richard Hughes <richard@hughsie.com>
c5a379 
Date: Mon, 8 Feb 2021 16:47:05 +0000
c5a379 
Subject: [PATCH 09/11] trivial: Fix a buffer-overread spotted by
c5a379 
 AddressSanitizer
c5a379
c5a379 
---
c5a379 
 libfwupdplugin/fu-common.c | 6 ++----
c5a379 
 1 file changed, 2 insertions(+), 4 deletions(-)
c5a379
c5a379 
diff --git libfwupdplugin/fu-common.c libfwupdplugin/fu-common.c
c5a379 
index d4dd4aef..094f2d23 100644
c5a379 
--- libfwupdplugin/fu-common.c
c5a379 
+++ libfwupdplugin/fu-common.c
c5a379 
@@ -1856,14 +1856,12 @@ fu_common_strsafe (const gchar *str, gsize maxsz)
c5a379 
 	gboolean valid = FALSE;
c5a379 
 	g_autoptr(GString) tmp = NULL;
c5a379
c5a379 
-	g_return_val_if_fail (maxsz > 0, NULL);
c5a379 
-
c5a379 
 	/* sanity check */
c5a379 
-	if (str == NULL)
c5a379 
+	if (str == NULL || maxsz == 0)
c5a379 
 		return NULL;
c5a379
c5a379 
 	/* replace non-printable chars with '.' */
c5a379 
-	tmp = g_string_sized_new (strlen (str));
c5a379 
+	tmp = g_string_sized_new (maxsz);
c5a379 
 	for (gsize i = 0; str[i] != '\0' && i < maxsz; i++) {
c5a379 
 		if (!g_ascii_isprint (str[i])) {
c5a379 
 			g_string_append_c (tmp, '.');
c5a379 
--
c5a379 
2.29.2
c5a379

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation