diff options
| author | Patrick Georgi <pgeorgi@google.com> | 2019-09-06 12:24:53 +0200 |
|---|---|---|
| committer | Commit Bot <commit-bot@chromium.org> | 2019-09-07 05:50:17 +0000 |
| commit | 1dbf73b2c699f49807796b0b5f323334db18aab4 (patch) | |
| tree | 331b3984a7a4758a0b0abda6eb56433d5c49283d | |
| parent | d0a28788e7d48ce8ecfd8b0c0f16d824e8e28bfb (diff) | |
| download | chrome-ec-1dbf73b2c699f49807796b0b5f323334db18aab4.tar.gz | |
util/ecst.c: ensure string termination
Found by Coverity Scan #58136, #58137
BUG=none
BRANCH=none
TEST=none
Change-Id: Ie17330c4766f6537134117ecd81ecd78cd408132
Signed-off-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/1789144
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
Tested-by: Patrick Georgi <pgeorgi@chromium.org>
Auto-Submit: Patrick Georgi <pgeorgi@chromium.org>
Commit-Queue: Patrick Georgi <pgeorgi@chromium.org>
| -rw-r--r-- | util/ecst.c | 14 |
1 files changed, 9 insertions, 5 deletions
diff --git a/util/ecst.c b/util/ecst.c index f7409941c0..6d61af95b8 100644 --- a/util/ecst.c +++ b/util/ecst.c @@ -2016,10 +2016,12 @@ int calc_firmware_csum_bin(unsigned int *p_cksum, int main_hdr(void) { int result = 0; - char tmp_file_name[NAME_SIZE]; + char tmp_file_name[NAME_SIZE + 1]; unsigned int tmp_long_val; unsigned int bin_file_size_bytes; + tmp_file_name[NAME_SIZE] = '\0'; + if (is_ptr_merge) { if (strlen(input_file_name) == 0) { my_printf(TERR, "\n\nNo input BIN file selected for"); @@ -2030,7 +2032,7 @@ int main_hdr(void) if (strlen(output_file_name) == 0) strncpy(tmp_file_name, input_file_name, - sizeof(tmp_file_name)); + sizeof(tmp_file_name) - 1); else { copy_file_to_file(output_file_name, input_file_name, @@ -2038,7 +2040,7 @@ int main_hdr(void) SEEK_END); strncpy(tmp_file_name, output_file_name, - sizeof(tmp_file_name)); + sizeof(tmp_file_name) - 1); } /* Open Header file */ @@ -2178,10 +2180,11 @@ int main_hdr(void) */ int main_api(void) { - char tmp_file_name[NAME_SIZE]; + char tmp_file_name[NAME_SIZE + 1]; int result = 0; unsigned int crc_checksum; + tmp_file_name[NAME_SIZE] = '\0'; api_file_size_bytes = 0; /* If API input file was not declared, then print error message. */ @@ -2197,7 +2200,8 @@ int main_api(void) sizeof(tmp_file_name), "api_")) return FALSE; } else - strncpy(tmp_file_name, output_file_name, sizeof(tmp_file_name)); + strncpy(tmp_file_name, output_file_name, + sizeof(tmp_file_name) - 1); /* Make sure that new empty file is created. */ api_file_pointer = fopen(tmp_file_name, "w"); |