projects / profile / ivi / syslinux.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 43ec93d)
hdt: Fixing memory corruption
authorerwan <erwan@r1.paris>
Wed, 19 Aug 2009 22:19:44 +0000 (00:19 +0200)
committererwan <erwan@r1.paris>
Wed, 19 Aug 2009 22:19:44 +0000 (00:19 +0200)
Impact: Improve stability

In some case, sectors_to_size can return a 8 char long string like "1000
MiB". In such case, some buffer were corrupted.

This is now fixed by a size[9] instead of size[8].

com32/hdt/hdt-cli-disk.c patch | blob | history
com32/hdt/hdt-menu-disk.c patch | blob | history

diff --git a/com32/hdt/hdt-cli-disk.c b/com32/hdt/hdt-cli-disk.c
index ffbec4f..ef67abf 100644 (file)
--- a/com32/hdt/hdt-cli-disk.c
+++ b/com32/hdt/hdt-cli-disk.c
@@ -62,7 +62,7 @@ static void show_partition_information(struct driveinfo *drive_info,
                                       int partition_offset,
                                       int nb_partitions_seen)
 {
-       char size[8];
+       char size[9];
        char *parttype;
        int error = 0;
        char error_buffer[MAX_DISK_ERRNO];
@@ -122,7 +122,7 @@ void main_show_disk(int argc, char **argv,
        int i = drive - 0x80;
        struct driveinfo *d = &hardware->disk_info[i];
        char error_buffer[MAX_DISK_ERRNO];
-       char disk_size[8];
+       char disk_size[9];
 
        detect_disks(hardware);
        if (!hardware->disk_info[i].cbios)
@@ -177,7 +177,7 @@ void disks_summary(int argc __unused, char** argv __unused,
                if (!hardware->disk_info[i].cbios)
                        continue; /* Invalid geometry */
                struct driveinfo *d = &hardware->disk_info[i];
-               char disk_size[8];
+               char disk_size[9];
 
                if ((int) d->edd_params.sectors > 0)
                        sectors_to_size((int) d->edd_params.sectors, disk_size);
diff --git a/com32/hdt/hdt-menu-disk.c b/com32/hdt/hdt-menu-disk.c
index 487d1e4..794efd2 100644 (file)
--- a/com32/hdt/hdt-menu-disk.c
+++ b/com32/hdt/hdt-menu-disk.c
@@ -80,7 +80,7 @@ static void compute_partition_information(struct driveinfo *drive_info,
                                           int partition_offset,
                                           int nb_partitions_seen)
 {
-        char size[8];
+        char size[9];
         char *parttype;
         unsigned int start, end;
        char buffer[SUBMENULEN+1];
@@ -169,7 +169,7 @@ static int compute_disk_module(struct s_my_menu *menu, int nb_sub_disk_menu,
 
   int previous_size, size;
   char previous_unit[3], unit[3]; // GB
-  char size_iec[8]; // GiB
+  char size_iec[9]; // GiB
   sectors_to_size_dec(previous_unit, &previous_size, unit, &size, d[disk_number].edd_params.sectors);
   sectors_to_size(d[disk_number].edd_params.sectors, size_iec);
 
Domain: System / Uncategorized;