1 From 783e08a4e5f6769f7ebd2f3e43ca4ccfab003e8b Mon Sep 17 00:00:00 2001
2 From: Sergei Antonov <saproj@gmail.com>
3 Date: Fri, 3 Jul 2015 00:21:23 +0200
4 Subject: [PATCH 66/75] mac: copy partition type and name correctly
6 Use strncpy() instead of strcpy() to copy partition name and type.
7 This prevents possible buffer overflow, because the source string
8 occupies up to 33 bytes with a terminating null.
10 Static analysis tools complain about the code as it is now:
11 Function: _generate_raw_part
12 Destination buffer too small
13 string_overflow: You might overrun the 32 byte destination string
14 part_map_entry->type by writing 33 bytes from mac_part_data->system_name
15 (Destination buffer too small, line 933)
17 Cc: Sabas Rosales, Blanca E <blanca.e.sabas.rosales@intel.com>
18 Signed-off-by: Sergei Antonov <saproj@gmail.com>
19 Signed-off-by: Brian C. Lane <bcl@brianlane.com>
20 (cherry picked from commit 282e25e0384e8d1275ccacf904fdaf65f1d4a8af)
22 libparted/labels/mac.c | 4 ++--
23 1 file changed, 2 insertions(+), 2 deletions(-)
25 diff --git a/libparted/labels/mac.c b/libparted/labels/mac.c
26 index 1034418..d8da941 100644
27 --- a/libparted/labels/mac.c
28 +++ b/libparted/labels/mac.c
29 @@ -930,8 +930,8 @@ _generate_raw_part (PedDisk* disk, PedPartition* part,
30 = PED_CPU_TO_BE32 (mac_disk_data->last_part_entry_num);
31 part_map_entry->start_block = PED_CPU_TO_BE32 (part->geom.start);
32 part_map_entry->block_count = PED_CPU_TO_BE32 (part->geom.length);
33 - strcpy (part_map_entry->name, mac_part_data->volume_name);
34 - strcpy (part_map_entry->type, mac_part_data->system_name);
35 + strncpy (part_map_entry->name, mac_part_data->volume_name, 32);
36 + strncpy (part_map_entry->type, mac_part_data->system_name, 32);
38 if (mac_part_data->is_driver) {
39 mac_part_data->boot_region_length = part->geom.length;
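Review bot: Both `strncpy (..., 32)` calls leave `part_map_entry->name` and `part_map_entry->type` without a terminating NUL whenever the source holds a full 32 characters, which the commit message says is possible (up to 33 bytes including the terminator). For a fixed-width on-disk field that is presumably intended, but it only stays safe if every reader of these fields bounds its access to 32 bytes; those readers are outside this hunk and worth checking for unbounded `strcmp`/`strcpy`/`%s` use. I would also tie the bound to the struct instead of a literal, e.g. `strncpy (part_map_entry->name, mac_part_data->volume_name, sizeof (part_map_entry->name));` (likewise for `type`), assuming both are arrays rather than pointers, and add a comment such as `/* fixed-width field: zero-padded, not NUL-terminated when the name is 32 chars */`. `_generate_raw_part` starts and ends outside the hunk.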