[Powerpc-utils-devel] [PATCH 2/2] nvram: don't allow long names

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

The maximum partition name length is 12 characters but nvram accepts
strings of any length. This change will enforce the maximum length
passed to options that take a partition name to avoid confusion.

Signed-off-by: Joel Stanley <jo...@jm...>
---
 src/nvram.c | 25 +++++++++++++++++++++++++
 src/nvram.h | 14 ++++++++++----
 2 files changed, 35 insertions(+), 4 deletions(-)

diff --git a/src/nvram.c b/src/nvram.c
index c3f4ebc..b2f5c8c 100644
--- a/src/nvram.c
+++ b/src/nvram.c
@@ -467,6 +467,11 @@ nvram_find_fd_partition(struct nvram *nvram, char *name)
     int				len;
     int				found = 0;
 
+    if (strlen(name) > MAX_PART_NAME) {
+        err_msg("partition name too long\n");
+        return -1;
+    }
+
     if (lseek(nvram->fd, SEEK_SET, 0) == -1) {
         err_msg("could not seek to beginning of file %s\n", nvram->filename);
 	return -1;
@@ -1461,12 +1466,27 @@ main (int argc, char *argv[])
 		break;
 	    case 'd':	/* dump */
 		dump_name = optarg;
+		if (strlen(dump_name) > MAX_PART_NAME) {
+			err_msg("partition name maximum length is %d\n",
+					MAX_PART_NAME);
+			exit(1);
+		}
 		break;
 	    case 'a':	/* ASCII dump */
 	    	ascii_name = optarg;
+		if (strlen(ascii_name) > MAX_PART_NAME) {
+			err_msg("partition name maximum length is %d\n",
+					MAX_PART_NAME);
+			exit(1);
+		}
 		break;
 	    case 'z':	/* dump compressed data */
 		zip_name = optarg;
+		if (strlen(zip_name) > MAX_PART_NAME) {
+			err_msg("partition name maximum length is %d\n",
+					MAX_PART_NAME);
+			exit(1);
+		}
 		break;
 	    case 'n':	/* nvram-file */
 		nvram.filename = optarg;
@@ -1509,6 +1529,11 @@ main (int argc, char *argv[])
 		break;
 	    case 'p':	/* update-config partition name */
 	        config_pname = optarg;
+		if (strlen(config_pname) > MAX_PART_NAME) {
+			err_msg("partition name maximum length is %d\n",
+					MAX_PART_NAME);
+			exit(1);
+		}
 		break;
 	    case '?':
 		exit(1);
diff --git a/src/nvram.h b/src/nvram.h
index b4961fe..b78e793 100644
--- a/src/nvram.h
+++ b/src/nvram.h
@@ -45,14 +45,20 @@
 #define MAX_CPUS 128
 
 /**
+ * @def MAX_PART_NAME
+ * @brief maximum number of bytes in partition name
+ */
+#define MAX_PART_NAME 12
+
+/**
  * @struct partition_header
  * @brief nvram partition header data
  */
 struct partition_header {
-    unsigned char	signature;  /**< partition signature */
-    unsigned char 	checksum;   /**< partition checksum */
-    unsigned short 	length;     /**< partition length */
-    char 		name[12];   /**< partition name */
+    unsigned char	signature;		/**< partition signature */
+    unsigned char 	checksum;		/**< partition checksum */
+    unsigned short 	length;			/**< partition length */
+    char 		name[MAX_PART_NAME];	/**< partition name */
 };
 
 /* sub-header for error-log partitions */
-- 
2.1.4



