cli: avoid buffer overrun
Invoking the sandbox with
/u-boot -c ⧵0xef⧵0xbf⧵0xbd
results in a segmentation fault.
Function b_getch() retrieves a character from the input stream. This
character may be > 0x7f. If type char is signed, static_get() will
return a negative number and in parse_stream() we will use that
negative number as an index for array map[] resulting in a buffer
overflow.
Reported-by: Harry Lockyer <harry_lockyer@tutanota.com>
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
projects / platform / kernel / u-boot.git / commit