← Back to branch summary

~ubuntu-branches/ubuntu/saucy/dosfstools/saucy-proposed

« back to all changes in this revision

Viewing changes to debian/patches/write_label_memory_corruption.patch

  • Committer: Package Import Robot
  • Author(s): Martin Pitt
  • Date: 2013-05-24 07:01:25 UTC
  • Revision ID: package-import@ubuntu.com-20130524070125-p4iqxnwd2j90rqsd
Tags: 3.0.16-2ubuntu1
http://bugs.debian.org/702392
https://launchpad.net/bugs/1183406
Add write_label_memory_corruption.patch: Fix memory corruption with
writing labels. (LP: #1183406, Closes: #702392)

Show diffs side-by-side

added added

removed removed

Lines of Context:
debian/patches/write_label_memory_corruption.patch
 
1
From e3947b51f36c939ebbc61f3962964c0dbbe340a6 Mon Sep 17 00:00:00 2001
 
2
From: Martin Pitt <martin.pitt@ubuntu.com>
 
3
Date: Fri, 24 May 2013 06:45:57 +0200
 
4
Subject: [PATCH] Fix memory corruption with writing labels
 
5
 
 
6
In write_label(), do not assume that the passed label is big enough to actually
 
7
hold 11 characters. dosfslabel just passes the argv[] string, which must not
 
8
be modified; so create a copy for filling up with spaces.
 
9
 
 
10
Bug-Debian: http://bugs.debian.org/702392
 
11
Bug-Ubuntu: https://launchpad.net/bugs/1183406
 
12
---
 
13
 src/boot.c | 11 +++++------
 
14
 1 file changed, 5 insertions(+), 6 deletions(-)
 
15
 
 
16
diff --git a/src/boot.c b/src/boot.c
 
17
index 86cc682..4b22bbe 100644
 
18
--- a/src/boot.c
 
19
+++ b/src/boot.c
 
20
@@ -567,11 +567,10 @@ static void write_volume_label(DOS_FS * fs, char *label)
 
21
 
 
22
 void write_label(DOS_FS * fs, char *label)
 
23
 {
 
24
-    int l = strlen(label);
 
25
+    /* we want to fill up the passed label with spaces to 11 chars */
 
26
+    char filled_label[] = "           ";
 
27
+    strncpy(filled_label, label, sizeof(filled_label) - 1);
 
28
 
 
29
-    while (l < 11)
 
30
-       label[l++] = ' ';
 
31
-
 
32
-    write_boot_label(fs, label);
 
33
-    write_volume_label(fs, label);
 
34
+    write_boot_label(fs, filled_label);
 
35
+    write_volume_label(fs, filled_label);
 
36
 }
 
37
-- 
 
38
1.8.1.2
 
39