Gitiles
Code Review Sign In
gerrit.openbmc.org / stefanberger / openbmc / 8928e81ba673979d658b919717563a78e9d6d25d / . / poky / meta / recipes-multimedia / alsa / alsa-lib / 0001-ucm-Use-strncmp-to-avoid-access-out-of-boundary.patch
blob: 96dcd8abac110bf2628e293c048787147270eea2 [file] [log] [blame]
From 4b6fe372c68d1ff50e7c161cffadeb298734f49c Mon Sep 17 00:00:00 2001
From: paulhsia <paulhsia@chromium.org>
Date: Sat, 30 Nov 2019 03:35:30 +0800
Subject: [PATCH 1/5] ucm: Use strncmp to avoid access-out-of-boundary
If the length of the identifier is less than the length of the prefix,
access-out-of-boundary will occur in memcmp().
Signed-off-by: paulhsia <paulhsia@chromium.org>
Signed-off-by: Jaroslav Kysela <perex@perex.cz>
Upstream-Status: Backport
Signed-off-by: Tanu Kaskinen <tanuk@iki.fi>
---
src/ucm/main.c | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/src/ucm/main.c b/src/ucm/main.c
index b0b6ffb3..252e50d9 100644
--- a/src/ucm/main.c
+++ b/src/ucm/main.c
@@ -61,11 +61,13 @@ static int check_identifier(const char *identifier, const char *prefix)
{
int len;
- if (strcmp(identifier, prefix) == 0)
- return 1;
len = strlen(prefix);
- if (memcmp(identifier, prefix, len) == 0 && identifier[len] == '/')
+ if (strncmp(identifier, prefix, len) != 0)
+ return 0;
+
+ if (identifier[len] == 0 || identifier[len] == '/')
return 1;
+
return 0;
}
--
2.20.1