[coreboot] Patch set updated for coreboot: 15c8208 cbfstool: Prevent file name to be corrupted by basename().

Hung-Te Lin (hungte@chromium.org) gerrit at coreboot.org
Tue Jan 29 17:38:37 CET 2013

Hung-Te Lin (hungte at chromium.org) just uploaded a new patch set to gerrit, which you can find at http://review.coreboot.org/2203


commit 15c820879b9cba8938ea24e8465fe1950475852f
Author: Hung-Te Lin <hungte at chromium.org>
Date:   Mon Jan 28 23:42:25 2013 +0800

    cbfstool: Prevent file name to be corrupted by basename().
    Calling basename(3) may modify content. We allocate another buffer to prevent
    corrupting input buffer (file names).
    Change-Id: Ib4827f887542596feef16e7829b00444220b9922
    Signed-off-by: Hung-Te Lin <hungte at chromium.org>
 util/cbfstool/common.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/util/cbfstool/common.c b/util/cbfstool/common.c
index 97bf168..137aeb7 100644
--- a/util/cbfstool/common.c
+++ b/util/cbfstool/common.c
@@ -273,11 +273,13 @@ uint64_t intfiletype(const char *name)
 void print_cbfs_directory(const char *filename)
+	char *name = strdup(filename);
 		("%s: %d kB, bootblocksize %d, romsize %d, offset 0x%x\n"
 		 "alignment: %d bytes, architecture: %s\n\n",
-		 basename((char *)filename), romsize / 1024, ntohl(master_header->bootblocksize),
+		 basename(name), romsize / 1024, ntohl(master_header->bootblocksize),
 		 romsize, ntohl(master_header->offset), align, arch_to_string(arch));
+	free(name);
 	printf("%-30s %-10s %-12s Size\n", "Name", "Offset", "Type");
 	uint32_t current = phys_start;
 	while (current < phys_end) {

More information about the coreboot mailing list