forked from pool/elilo
163b743a22
Accepted submit request 56257 from user coolo OBS-URL: https://build.opensuse.org/request/show/56257 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/elilo?expand=0&rev=18
27 lines
664 B
Diff
27 lines
664 B
Diff
From: Bernhard Walle <bwalle@suse.de>
|
|
Subject: [PATCH] Fix possible array length overflow
|
|
References: bnc#256676
|
|
|
|
Found by dan.yeisley@unisys.com.
|
|
|
|
|
|
Signed-off-by: Bernhard Walle <bwalle@suse.de>
|
|
|
|
---
|
|
choosers/simple.c | 3 ++-
|
|
1 file changed, 2 insertions(+), 1 deletion(-)
|
|
|
|
--- a/choosers/simple.c
|
|
+++ b/choosers/simple.c
|
|
@@ -290,8 +290,9 @@ restart:
|
|
|
|
if (elilo_opt.prompt) {
|
|
console_textmode();
|
|
- ret = select_kernel(buffer, sizeof(buffer));
|
|
+ ret = select_kernel(buffer, CMDLINE_MAXLEN);
|
|
if (ret == -1) return -1;
|
|
+ /* this function takes really the number of bytes ... */
|
|
argc = argify(buffer,sizeof(buffer), argv);
|
|
index = 0;
|
|
}
|