lib/hashtable.c · 817e48d8a2998b19dc36a77f8363b5f74bc3fa9e · Jack Humbert / reform-boundary-uboot

Forked from Reform / reform-boundary-uboot

Source project has a limited visibility.

9 years ago

env: import: hashtable: Prevent buffer overrun when importing environment from file · 817e48d8

Lukasz Majewski authored 9 years ago


Lets consider following scenario:
- One uses echo -n "key=value" to define environment variable in a file (single variable)
- The file content is "key=value" without any terminating byte (e.g. 0x0a or
0x0d).
- The file is loaded to u-boot non zero'ed RAM buffer (with load command).
- Then "env import -t -r $loadaddr $filesize" is executed.
- Due to lack of proper termination byte we have classical example of buffer
  overrun.

This patch prevents from this by allocating one extra byte than size and
explicitly null terminate it.

There should be no change for normal env import operation after applying
this patch.

Signed-off-by: Lukasz Majewski <l.majewski@majess.pl>

817e48d8

History

env: import: hashtable: Prevent buffer overrun when importing environment from file

Lukasz Majewski authored 9 years ago


Lets consider following scenario:
- One uses echo -n "key=value" to define environment variable in a file (single variable)
- The file content is "key=value" without any terminating byte (e.g. 0x0a or
0x0d).
- The file is loaded to u-boot non zero'ed RAM buffer (with load command).
- Then "env import -t -r $loadaddr $filesize" is executed.
- Due to lack of proper termination byte we have classical example of buffer
  overrun.

This patch prevents from this by allocating one extra byte than size and
explicitly null terminate it.

There should be no change for normal env import operation after applying
this patch.

Signed-off-by: Lukasz Majewski <l.majewski@majess.pl>