5 Jun
2013
5 Jun
'13
2:34 p.m.
On Sun, May 19, 2013 at 12:53:34PM -0000, Marek Vasut wrote:
Make sure to never access beyond bounds of either EFI partition name or DOS partition name. This situation is happening:
part.h: disk_partition_t->name is 32-byte long part_efi.h: gpt_entry->partition_name is 36-bytes long
The loop in part_efi.c copies over 36 bytes and thus accesses beyond the disk_partition_t->name .
Fix this by picking the shortest of source and destination arrays and make sure the destination array is cleared so the trailing bytes are zeroed-out and don't cause issues with string manipulation.
Signed-off-by: Marek Vasut marex@denx.de Cc: Tom Rini trini@ti.com Cc: Simon Glass sjg@chromium.org
Applied to u-boot/master, thanks!
--
Tom