leandrof/u-boot
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
817e48d8a2
u-boot/lib
History
Lukasz Majewski 817e48d8a2 env: import: hashtable: Prevent buffer overrun when importing environment from file 
Lets consider following scenario:
- One uses echo -n "key=value" to define environment variable in a file (single variable)
- The file content is "key=value" without any terminating byte (e.g. 0x0a or
0x0d).
- The file is loaded to u-boot non zero'ed RAM buffer (with load command).
- Then "env import -t -r $loadaddr $filesize" is executed.
- Due to lack of proper termination byte we have classical example of buffer
  overrun.

This patch prevents from this by allocating one extra byte than size and
explicitly null terminate it.

There should be no change for normal env import operation after applying
this patch.

Signed-off-by: Lukasz Majewski <l.majewski@majess.pl>
2015-09-15 15:05:08 -04:00
..
bzip2 bzlib: Update destLen even on error 2015-01-14 11:35:44 -05:00
dhry Add a dhrystone benchmark command 2015-07-21 17:39:19 -06:00
efi efi: Add functions for decoding the EFI tables 2015-08-05 08:44:07 -06:00
libfdt fdt: Add fdt_first/next_region() functions 2015-07-21 17:39:20 -06:00
lzma lzma: fix buffer bound check error further 2015-01-14 11:35:43 -05:00
lzo lzo: Update dst_len even on error 2015-01-14 11:35:44 -05:00
rsa rsa : Compile Modular Exponentiation files based on CONFIG_RSA_SOFTWARE_EXP 2015-03-05 12:04:59 -08:00
tizen Logo: TIZEN: Change booting logo size to official size. 2014-03-28 15:06:30 -04:00
zlib Move malloc_cache_aligned() to its own header 2015-09-11 17:15:16 -04:00
addr_map.c lib/powerpc: addrmap_phys_to_virt() should return a pointer 2012-07-06 17:30:32 -05:00
aes.c aes: make apply_cbc_chain_data non-static 2014-04-18 16:14:17 -04:00
asm-offsets.c lib/asm-offsets - make GD_RELOCADDR, GD_RELOC_OFF & GD_START_ADDR_SP available for all architectures 2015-03-05 20:50:28 -05:00
bch.c nand: Merge BCH code from Linux nand driver 2012-01-26 16:09:02 -06:00
bitrev.c Add GPL-2.0+ SPDX-License-Identifier to source files 2013-07-24 09:44:38 -04:00
circbuf.c Add GPL-2.0+ SPDX-License-Identifier to source files 2013-07-24 09:44:38 -04:00
crc7.c lib: add crc7 from Linux 2011-01-18 23:38:08 +01:00
crc8.c Add crc8 routine 2014-01-08 17:20:34 -07:00
crc16.c Add eCos-2.0 SPDX-License-Identifier to source files 2013-07-24 09:45:01 -04:00
crc32.c crc32: Correct endianness of crc32 result 2013-04-19 10:24:14 -04:00
ctype.c Add GPL-2.0+ SPDX-License-Identifier to source files 2013-07-24 09:44:38 -04:00
display_options.c lib/display_options: Fix print_freq 2015-08-28 12:32:36 -04:00
div64.c lib: div64: add missing include 2014-07-18 17:53:22 -04:00
errno_str.c lib: errno: introduce errno_str(): returns errno related message 2014-12-11 13:18:41 -07:00
errno.c Add basic errno support. 2010-09-19 19:29:47 +02:00
fdtdec_common.c lib, fdt: move fdtdec_get_int() out of lib/fdtdec.c 2014-06-23 09:11:30 -04:00
fdtdec_test.c Add GPL-2.0+ SPDX-License-Identifier to source files 2013-07-24 09:44:38 -04:00
fdtdec.c mmc: dw_mmc: Probe the MMC from OF 2015-09-04 11:54:20 +02:00
gunzip.c gunzip: add gzwrite routine for extracting compresed images to block device 2015-04-22 12:14:55 -04:00
gzip.c Move malloc_cache_aligned() to its own header 2015-09-11 17:15:16 -04:00
hang.c Add GPL-2.0+ SPDX-License-Identifier to source files 2013-07-24 09:44:38 -04:00
hashtable.c env: import: hashtable: Prevent buffer overrun when importing environment from file 2015-09-15 15:05:08 -04:00
initcall.c efi: Display the correct initcall pre-relocation values 2015-08-05 08:42:41 -06:00
Kconfig tpm: Add Kconfig options for TPMs 2015-08-31 07:57:27 -06:00
ldiv.c Add LGPL-2.0+ SPDX-License-Identifier to source files 2013-07-24 09:45:01 -04:00
linux_compat.c linux_compat: handle __GFP_ZERO in kmalloc() 2015-07-22 07:30:44 -06:00
linux_string.c Make linux kernel string funcs available to tools 2012-12-13 11:46:07 -07:00
list_sort.c kbuild: force to define __UBOOT__ in all the C sources 2014-09-16 12:23:56 -04:00
lmb.c lmb: make local functions static 2014-10-25 07:02:01 -04:00
Makefile of: clean up OF_CONTROL ifdef conditionals 2015-08-18 13:46:05 -04:00
md5.c GCC47: Fix warning in md5.c 2012-04-29 14:14:08 +02:00
net_utils.c net: cosmetic: Change IPaddr_t to struct in_addr 2015-04-18 11:11:32 -06:00
physmem.c Introduce arch_phys_memset which works like memset but on physical memory 2012-12-06 14:30:40 -08:00
qsort.c Include common.h in qsort.c to fix build warning 2011-12-07 08:39:54 +01:00
rand.c Add GPL-2.0+ SPDX-License-Identifier to source files 2013-07-24 09:44:38 -04:00
rbtree.c kbuild: force to define __UBOOT__ in all the C sources 2014-09-16 12:23:56 -04:00
rc4.c Add rivest cipher 4 (rc4) implementation 2015-07-21 17:39:28 -06:00
sha1.c lib:sha1: remove unused constant 2014-07-18 17:53:23 -04:00
sha256.c includes: move openssl headers to include/u-boot 2014-06-19 11:19:04 -04:00
slre.c Coding Style cleanup: remove trailing white space 2013-10-14 16:06:53 -04:00
string.c lib: string: move strlcpy() to a common place 2014-12-11 13:18:41 -07:00
strmhz.c replace DIV_ROUND with DIV_ROUND_CLOSEST 2014-11-20 11:28:25 -05:00
time.c Use uint64_t for time types 2014-10-27 11:04:01 -04:00
tpm.c tpm: Add functions to access flags and permissions 2015-08-31 07:57:29 -06:00
trace.c common: Make sure arch-specific map_sysmem() is defined 2015-04-18 11:11:09 -06:00
uuid.c cmd:gpt: randomly generate each partition uuid if undefined 2014-04-02 16:36:06 -04:00
vsprintf.c lib: Add function to extract a number from the end of a string 2015-07-21 17:39:28 -06:00