summaryrefslogtreecommitdiff
path: root/sbin
diff options
context:
space:
mode:
authorKenneth R Westerback <krw@cvs.openbsd.org>2015-11-03 14:20:01 +0000
committerKenneth R Westerback <krw@cvs.openbsd.org>2015-11-03 14:20:01 +0000
commit3677ee48083ef41eecd6cd2134fd8105bcaae4db (patch)
treec3b1c2688c281f6a09c11407d49a11570f18fdae /sbin
parent8c5bef2d95dff2780436be4e5ddda399b109fd26 (diff)
Don't allow the user to enter GPT partition names too large to fit
in the GPT partition structure. And don't run off the end of the name buffer by confusing sizeof() with the number of elements in an array. Use the new GPTPARTNAMESIZE #define instead. While here, zap the old partition name before setting the new one, lest a short new name leave bits of an old long name in place. Originally spotted by jsg@ and his friend cppcheck. ok jsg@ for slightly different version.
Diffstat (limited to 'sbin')
-rw-r--r--sbin/fdisk/cmd.c8
-rw-r--r--sbin/fdisk/misc.c14
2 files changed, 14 insertions, 8 deletions
diff --git a/sbin/fdisk/cmd.c b/sbin/fdisk/cmd.c
index 6d445017f49..9c2de8b3d3b 100644
--- a/sbin/fdisk/cmd.c
+++ b/sbin/fdisk/cmd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: cmd.c,v 1.83 2015/10/26 15:08:26 krw Exp $ */
+/* $OpenBSD: cmd.c,v 1.84 2015/11/03 14:20:00 krw Exp $ */
/*
* Copyright (c) 1997 Tobias Weingartner
@@ -198,6 +198,12 @@ Xgedit(char *args)
/* Ask for partition name. */
name = ask_string("partition name", utf16le_to_string(gg->gp_name));
+ if (strlen(name) >= GPTPARTNAMESIZE) {
+ printf("partition name must be < %d characters\n",
+ GPTPARTNAMESIZE);
+ return (CMD_CONT);
+ }
+ memset(gg->gp_name, 0, sizeof(gg->gp_name));
memcpy(gg->gp_name, string_to_utf16le(name), sizeof(gg->gp_name));
return (ret);
diff --git a/sbin/fdisk/misc.c b/sbin/fdisk/misc.c
index cc95a29875e..e87c806a41f 100644
--- a/sbin/fdisk/misc.c
+++ b/sbin/fdisk/misc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: misc.c,v 1.54 2015/10/26 15:08:26 krw Exp $ */
+/* $OpenBSD: misc.c,v 1.55 2015/11/03 14:20:00 krw Exp $ */
/*
* Copyright (c) 1997 Tobias Weingartner
@@ -371,15 +371,15 @@ crc32(const u_char *buf, const u_int32_t size)
char *
utf16le_to_string(u_int16_t *utf)
{
- static char name[36];
+ static char name[GPTPARTNAMESIZE];
int i;
- for (i = 0; i < sizeof(name); i++) {
+ for (i = 0; i < GPTPARTNAMESIZE; i++) {
name[i] = letoh16(utf[i]) & 0x7F;
if (name[i] == '\0')
break;
}
- if (i == sizeof(name))
+ if (i == GPTPARTNAMESIZE)
name[i - 1] = '\0';
return (name);
@@ -388,15 +388,15 @@ utf16le_to_string(u_int16_t *utf)
u_int16_t *
string_to_utf16le(char *ch)
{
- static u_int16_t utf[36];
+ static u_int16_t utf[GPTPARTNAMESIZE];
int i;
- for (i = 0; i < sizeof(utf); i++) {
+ for (i = 0; i < GPTPARTNAMESIZE; i++) {
utf[i] = htole16((unsigned int)ch[i]);
if (utf[i] == 0)
break;
}
- if (i == sizeof(utf))
+ if (i == GPTPARTNAMESIZE)
utf[i - 1] = 0;
return (utf);