From d6e25f3f02a3be47a009032370899d9b7c527bbd Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Thu, 16 Jul 2015 16:09:46 -0400
Subject: [PATCH 1/2] Fix a potential buffer overflow.

Signed-off-by: Peter Jones <pjones@redhat.com>
---
 mokutil-0.2.0/src/mokutil.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/mokutil-0.2.0/src/mokutil.c b/mokutil-0.2.0/src/mokutil.c
index e7ea08f..44c8b72 100644
--- a/mokutil-0.2.0/src/mokutil.c
+++ b/mokutil-0.2.0/src/mokutil.c
@@ -1100,7 +1100,7 @@ set_validation (uint32_t state)
 	MokSBVar sbvar;
 	char *password = NULL;
 	int pw_len;
-	efi_char16_t efichar_pass[SB_PASSWORD_MAX];
+	efi_char16_t efichar_pass[SB_PASSWORD_MAX+1];
 	int ret = -1;
 
 	printf ("password length: %d~%d\n", SB_PASSWORD_MIN, SB_PASSWORD_MAX);
@@ -1114,8 +1114,7 @@ set_validation (uint32_t state)
 	efichar_from_char (efichar_pass, password,
 			   SB_PASSWORD_MAX * sizeof(efi_char16_t));
 
-	memcpy(sbvar.password, efichar_pass,
-	       SB_PASSWORD_MAX * sizeof(efi_char16_t));
+	memcpy(sbvar.password, efichar_pass, sizeof (sbvar.password));
 
 	sbvar.mok_sb_state = state;
 
-- 
2.4.3