ACK: [PATCH] acpi: fix check of length overflow
ivanhu
ivan.hu at canonical.com
Wed Jan 20 01:35:03 UTC 2021
On 1/19/21 6:02 PM, Colin King wrote:
> From: Colin Ian King <colin.king at canonical.com>
>
> The check for the accumulated string length is off-by-one as one needs to
> include the end of string marker '\0', so use >= rather than >. Also use
> the sizeof() operator on must_be_id rather than a hard-coded length.
>
> Fixes: ffea02df09d3 ("acpi: add fwts_acpi_space_id_check to check GAS adrress space ids")
> Signed-off-by: Colin Ian King <colin.king at canonical.com>
> ---
> src/lib/src/fwts_acpi_tables.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/src/lib/src/fwts_acpi_tables.c b/src/lib/src/fwts_acpi_tables.c
> index d832a65c..f2824cdf 100644
> --- a/src/lib/src/fwts_acpi_tables.c
> +++ b/src/lib/src/fwts_acpi_tables.c
> @@ -1681,7 +1681,7 @@ void fwts_acpi_space_id_check(
> continue;
>
> length += strlen(id_name);
> - if (length > 255)
> + if (length >= sizeof(must_be_id))
> continue;
>
> strncat(must_be_id, id_name, strlen(id_name));
>
Acked-by: Ivan Hu <ivan.hu at canonical.com>
More information about the fwts-devel
mailing list