Prevent a stack overflow in fit_check_sign It is trivial to crash fit_check_sign by invoking with an absolute path in a deeply nested directory. This is exposed by vboot_test.sh. Signed-off-by: Michael van der Westhuizen <michael@smart-africa.com> Acked-by: Simon Glass <sjg@chromium.org>

commit: 64375014c499528d9df5ee37f78844823a9d21f2 [log] [tgz]
author: Michael van der Westhuizen <michael@smart-africa.com> Tue May 20 15:58:58 2014 +0200
committer: Tom Rini <trini@ti.com> Thu Jun 05 14:44:56 2014 -0400
tree: 15cf1e98e94e488c8948d7939aa402be97b27fee
parent: 25308f45e11527cbfc7ff6d9dced7800e4b976e4 [diff] [blame]
diff --git a/tools/fit_check_sign.c b/tools/fit_check_sign.c
index d6d9340..817773d 100644
--- a/tools/fit_check_sign.c
+++ b/tools/fit_check_sign.c

@@ -42,12 +42,13 @@
 	void *fit_blob;
 	char *fdtfile = NULL;
 	char *keyfile = NULL;
-	char cmdname[50];
+	char cmdname[256];
 	int ret;
 	void *key_blob;
 	int c;
 
-	strcpy(cmdname, *argv);
+	strncpy(cmdname, *argv, sizeof(cmdname) - 1);
+	cmdname[sizeof(cmdname) - 1] = '\0';
 	while ((c = getopt(argc, argv, "f:k:")) != -1)
 		switch (c) {
 		case 'f':
commit	64375014c499528d9df5ee37f78844823a9d21f2	[log] [tgz]
author	Michael van der Westhuizen <michael@smart-africa.com>	Tue May 20 15:58:58 2014 +0200
committer	Tom Rini <trini@ti.com>	Thu Jun 05 14:44:56 2014 -0400
tree	15cf1e98e94e488c8948d7939aa402be97b27fee
parent	25308f45e11527cbfc7ff6d9dced7800e4b976e4 [diff] [blame]