On Sun, May 05, 2013 at 01:21:54AM -0400, Mike Frysinger wrote:
> Since the length fields with the ubi volnames are signed 16bit values,
> make sure we clamp that number to the size of the buffer we've allocated
> on the stack to prevent buffer overflows.
> * mtd.c (ubi_ioctl): Clamp length to string_quote to 0/UBI_MAX_VOLUME_NAME.
> Check the return of string_quote and tweak the output accordingly.