michael/u-boot
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fs: exfat: Use strncpy() and bail on too long filenames

Browse Source 
In case the filename is too long, longer than PATH_MAX - 1, it
would overflow dirs->dirname array. Add missing check and also
use strncpy() to prevent the overflow in any case.

Fixes CID 550305:  Security best practices violations  (STRING_OVERFLOW)

Signed-off-by: Marek Vasut <marex@denx.de>
This commit is contained in:
Marek Vasut
2025-04-30 18:45:51 +02:00
committed by Tom Rini
parent 1c26f91a22
commit 4ba2fe14f2
1 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
fs/exfat/io.c
View File

@@ -720,6 +720,9 @@ int exfat_fs_opendir(const char *filename, struct fs_dir_stream **dirsp)
struct exfat_node *dnode;
int err;
if (strlen(filename) >= PATH_MAX)
return -ENAMETOOLONG;
err = exfat_lookup_realpath(&ctxt.ef, &dnode, filename);
if (err)
return err;
@@ -736,7 +739,7 @@ int exfat_fs_opendir(const char *filename, struct fs_dir_stream **dirsp)
if (!dirs)
return -ENOMEM;
strcpy(dirs->dirname, filename);
strncpy(dirs->dirname, filename, PATH_MAX - 1);
dirs->offset = -1;
*dirsp = &dirs->fs_dirs;