1
From e3947b51f36c939ebbc61f3962964c0dbbe340a6 Mon Sep 17 00:00:00 2001
2
From: Martin Pitt <martin.pitt@ubuntu.com>
3
Date: Fri, 24 May 2013 06:45:57 +0200
4
Subject: [PATCH] Fix memory corruption with writing labels
6
In write_label(), do not assume that the passed label is big enough to actually
7
hold 11 characters. dosfslabel just passes the argv[] string, which must not
8
be modified; so create a copy for filling up with spaces.
10
Bug-Debian: http://bugs.debian.org/702392
11
Bug-Ubuntu: https://launchpad.net/bugs/1183406
13
src/boot.c | 11 +++++------
14
1 file changed, 5 insertions(+), 6 deletions(-)
16
diff --git a/src/boot.c b/src/boot.c
17
index 86cc682..4b22bbe 100644
20
@@ -567,11 +567,10 @@ static void write_volume_label(DOS_FS * fs, char *label)
22
void write_label(DOS_FS * fs, char *label)
24
- int l = strlen(label);
25
+ /* we want to fill up the passed label with spaces to 11 chars */
26
+ char filled_label[] = " ";
27
+ strncpy(filled_label, label, sizeof(filled_label) - 1);
32
- write_boot_label(fs, label);
33
- write_volume_label(fs, label);
34
+ write_boot_label(fs, filled_label);
35
+ write_volume_label(fs, filled_label);