7 Apr
2007
7 Apr
'07
9:49 p.m.
if (size > OBIO_CMDLINE_MAX) size = OBIO_CMDLINE_MAX; memcpy(obio_cmdline, nv_info.cmdline, size);
- obio_cmdline[size-1] = '\0';
- obio_cmdline[size] = '\0';
Looks like you need to change the declaration of "obio_cmdline[]" or the maximum value "size" is clamped to, as well?
Good point. The attached untested patch should fix the overflow possibility.
_________________________________________________________________ Express yourself instantly with MSN Messenger! Download today it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/