summaryrefslogtreecommitdiff
path: root/extras
diff options
context:
space:
mode:
authorHarald Hoyer <harald@redhat.com>2009-09-16 17:42:15 +0200
committerKay Sievers <kay.sievers@vrfy.org>2009-09-17 00:06:03 +0200
commit676cea155a80b3a3e7b3d2fda1fce8a41d79e2b8 (patch)
tree54204af2ee91a040e84e720cdadf681a7fca6c43 /extras
parent91554cf9a141c8b39ffcdd5cd7440bc2728736bc (diff)
scsi_id: prevent buffer overflow in check_fill_0x83_prespc3()
see https://bugzilla.redhat.com/show_bug.cgi?id=516920
Diffstat (limited to 'extras')
-rw-r--r--extras/scsi_id/scsi_serial.c5
1 files changed, 3 insertions, 2 deletions
diff --git a/extras/scsi_id/scsi_serial.c b/extras/scsi_id/scsi_serial.c
index 92359122d8..ab0ffd62aa 100644
--- a/extras/scsi_id/scsi_serial.c
+++ b/extras/scsi_id/scsi_serial.c
@@ -578,11 +578,12 @@ static int check_fill_0x83_prespc3(struct udev *udev,
/* serial has been memset to zero before */
j = strlen(serial); /* j = 1; */
- for (i = 0; i < page_83[3]; ++i) {
+ for (i = 0; (i < page_83[3]) && (j < max_len-3); ++i) {
serial[j++] = hex_str[(page_83[4+i] & 0xf0) >> 4];
serial[j++] = hex_str[ page_83[4+i] & 0x0f];
}
- strcpy(serial_short, serial);
+ serial[max_len-1] = 0;
+ strncpy(serial_short, serial, max_len-1);
return 0;
}
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-12-20 11:56:40 +0000