Attention is currently required from: Xiang Wang, Stefan Reinauer, Edward O'Callaghan.
Xiang Wang uploaded patch set #2 to this change.
helpers.c: Fix undefined behavior in strndup()
Using strlen() or strdup() inside strndup() is problematic: if the
input string is not null-terminated, these functions can read past the
end of the buffer, which triggers undefined behavior. Rewrite the
function to never read past the provided `maxlen` bound.
Change-Id: Id34127024085879228626fbad59af03268ec5255
Signed-off-by: Xiang Wang <merle@hardenedliux.org>
---
M helpers.c
1 file changed, 9 insertions(+), 8 deletions(-)
git pull ssh://review.coreboot.org:29418/flashrom refs/changes/41/49741/2
To view, visit change 49741. To unsubscribe, or for help writing mail filters, visit settings.