From 3677ee48083ef41eecd6cd2134fd8105bcaae4db Mon Sep 17 00:00:00 2001 From: Kenneth R Westerback Date: Tue, 3 Nov 2015 14:20:01 +0000 Subject: Don't allow the user to enter GPT partition names too large to fit in the GPT partition structure. And don't run off the end of the name buffer by confusing sizeof() with the number of elements in an array. Use the new GPTPARTNAMESIZE #define instead. While here, zap the old partition name before setting the new one, lest a short new name leave bits of an old long name in place. Originally spotted by jsg@ and his friend cppcheck. ok jsg@ for slightly different version. --- sbin/fdisk/cmd.c | 8 +++++++- sbin/fdisk/misc.c | 14 +++++++------- 2 files changed, 14 insertions(+), 8 deletions(-) (limited to 'sbin/fdisk') diff --git a/sbin/fdisk/cmd.c b/sbin/fdisk/cmd.c index 6d445017f49..9c2de8b3d3b 100644 --- a/sbin/fdisk/cmd.c +++ b/sbin/fdisk/cmd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cmd.c,v 1.83 2015/10/26 15:08:26 krw Exp $ */ +/* $OpenBSD: cmd.c,v 1.84 2015/11/03 14:20:00 krw Exp $ */ /* * Copyright (c) 1997 Tobias Weingartner @@ -198,6 +198,12 @@ Xgedit(char *args) /* Ask for partition name. */ name = ask_string("partition name", utf16le_to_string(gg->gp_name)); + if (strlen(name) >= GPTPARTNAMESIZE) { + printf("partition name must be < %d characters\n", + GPTPARTNAMESIZE); + return (CMD_CONT); + } + memset(gg->gp_name, 0, sizeof(gg->gp_name)); memcpy(gg->gp_name, string_to_utf16le(name), sizeof(gg->gp_name)); return (ret); diff --git a/sbin/fdisk/misc.c b/sbin/fdisk/misc.c index cc95a29875e..e87c806a41f 100644 --- a/sbin/fdisk/misc.c +++ b/sbin/fdisk/misc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.c,v 1.54 2015/10/26 15:08:26 krw Exp $ */ +/* $OpenBSD: misc.c,v 1.55 2015/11/03 14:20:00 krw Exp $ */ /* * Copyright (c) 1997 Tobias Weingartner 
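Review bot: In Xgedit, the added `memset(gg->gp_name, 0, sizeof(gg->gp_name));` has no lasting effect, because the `memcpy` on the next line overwrites the same `sizeof(gg->gp_name)` bytes from the static buffer returned by `string_to_utf16le()`. That buffer (misc.c, last hunk) is only written up to the terminator, so once a longer name has been converted earlier in the same run, its tail is still copied into the partition entry behind a new shorter name, which is the leftover the commit message sets out to remove. Clearing the conversion buffer at the top of `string_to_utf16le()` with `memset(utf, 0, sizeof(utf));` would close this. The full-size `memcpy` also relies on `GPTPARTNAMESIZE` matching the element count of `gp_name`; its definition is not visible in this diff, so a compile-time check next to it would be worth adding. Xgedit's body starts outside the hunk.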
@@ -371,15 +371,15 @@ crc32(const u_char *buf, const u_int32_t size) char * utf16le_to_string(u_int16_t *utf) { - static char name[36]; + static char name[GPTPARTNAMESIZE]; int i; - for (i = 0; i < sizeof(name); i++) { + for (i = 0; i < GPTPARTNAMESIZE; i++) { name[i] = letoh16(utf[i]) & 0x7F; if (name[i] == '\0') break; } - if (i == sizeof(name)) + if (i == GPTPARTNAMESIZE) name[i - 1] = '\0'; return (name); @@ -388,15 +388,15 @@ utf16le_to_string(u_int16_t *utf) u_int16_t * string_to_utf16le(char *ch) { - static u_int16_t utf[36]; + static u_int16_t utf[GPTPARTNAMESIZE]; int i; - for (i = 0; i < sizeof(utf); i++) { + for (i = 0; i < GPTPARTNAMESIZE; i++) { utf[i] = htole16((unsigned int)ch[i]); if (utf[i] == 0) break; } - if (i == sizeof(utf)) + if (i == GPTPARTNAMESIZE) utf[i - 1] = 0; return (utf); -- cgit v1.2.3
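Review bot: In utf16le_to_string, `name[i] = letoh16(utf[i]) & 0x7F;` folds every code unit outside ASCII into the ASCII range, and a unit whose low seven bits are zero (0x0080, 0x0100, and so on) ends the string early. Since Xgedit offers this string as the default answer and writes the reply back, accepting the default for a non-ASCII name would appear to rewrite that name on disk. Making the loss visible, for example `u_int16_t c = letoh16(utf[i]);` followed by `name[i] = (c < 0x80) ? c : '?';`, would at least show the user what is about to be stored. A comment stating that the result is a lossy ASCII rendering held in a static buffer, overwritten by the next call, would also help callers.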
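Review bot: In string_to_utf16le, `utf[i] = htole16((unsigned int)ch[i]);` converts a plain `char` straight to `unsigned int`, so where `char` is signed a byte of 0x80 or above is sign-extended and stored as 0xFFxx rather than 0x00xx. Going through `unsigned char` avoids that: `utf[i] = htole16((unsigned char)ch[i]);`. The new length check in Xgedit bounds the length of the name but not its bytes, so such input can still reach this line. The function also returns a static buffer, and a short comment saying the result is only valid until the next call would document that.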