Re: [coreboot] [bios_extract] filenames patch for phoenix
Peter Stuge wrote: > Matthias Wenzel wrote: >> +++ b/phoenix.c > .. >> @@ -117,10 +117,10 @@ PhoenixModule(unsigned char *BIOSImage, int >> BIOSLength, int Offset) >> >> ModuleName = PhoenixModuleNameGet(Module->Type); >> if (ModuleName) { >> -filename = malloc(strlen(ModuleName) + 7); >> +filename = malloc(strlen(ModuleName) + 7 + 3); >> sprintf(filename, "%s_%1d.rom", ModuleName, Module->Id); >> } else { >> -filename = malloc(9); >> +filename = malloc(9 + 3); >> sprintf(filename, "%02X_%1d.rom", Module->Type, Module->Id); >> } > > If everything (also Type) is u8 then the above is 1 byte extra :) but > better safe than sorry! Both are u8, and yes, I was conservative as some C-libs (other than glibc) might add a sign with the "%1d". Maybe we should write "%1u" or even "%.3" to be clearer. mazzoo -- coreboot mailing list: coreboot@coreboot.org http://www.coreboot.org/mailman/listinfo/coreboot
Re: [coreboot] [bios_extract] filenames patch for phoenix
Matthias Wenzel wrote: > +++ b/phoenix.c .. > @@ -117,10 +117,10 @@ PhoenixModule(unsigned char *BIOSImage, int BIOSLength, > int Offset) > > ModuleName = PhoenixModuleNameGet(Module->Type); > if (ModuleName) { > - filename = malloc(strlen(ModuleName) + 7); > + filename = malloc(strlen(ModuleName) + 7 + 3); > sprintf(filename, "%s_%1d.rom", ModuleName, Module->Id); > } else { > - filename = malloc(9); > + filename = malloc(9 + 3); > sprintf(filename, "%02X_%1d.rom", Module->Type, Module->Id); > } If everything (also Type) is u8 then the above is 1 byte extra :) but better safe than sorry! If anything is larger than u8 then the above needs some more bytes. //Peter -- coreboot mailing list: coreboot@coreboot.org http://www.coreboot.org/mailman/listinfo/coreboot
[coreboot] [bios_extract] filenames patch for phoenix
Hi, attached is a small patch for phoenix part in bios_extract to replace terrible filenames containing '*', '?' or '<' also fixes 2 bufferoverflows in the filename handling. mazzoo diff --git a/phoenix.c b/phoenix.c index dd630a1..83b86b4 100644 --- a/phoenix.c +++ b/phoenix.c @@ -61,9 +61,9 @@ PhoenixModuleNames[] = { {'H', "tcpa_H"}, /* TCPA (Trusted Computing), USBKCLIB? */ {'K', "tcpa_K"}, /* TCPA (Trusted Computing), "AUTH"? */ {'Q', "tcpa_Q"}, /* TCPA (Trusted Computing), "SROM"? */ -{'<', "tcpa_<"}, -{'*', "tcpa_*"}, -{'?', "tcpa_?"}, +{'<', "tcpa_LT"}, +{'*', "tcpa_AS"}, +{'?', "tcpa_QM"}, {'J', "SmartCardPAS"}, }; @@ -117,10 +117,10 @@ PhoenixModule(unsigned char *BIOSImage, int BIOSLength, int Offset) ModuleName = PhoenixModuleNameGet(Module->Type); if (ModuleName) { - filename = malloc(strlen(ModuleName) + 7); + filename = malloc(strlen(ModuleName) + 7 + 3); sprintf(filename, "%s_%1d.rom", ModuleName, Module->Id); } else { - filename = malloc(9); + filename = malloc(9 + 3); sprintf(filename, "%02X_%1d.rom", Module->Type, Module->Id); } -- coreboot mailing list: coreboot@coreboot.org http://www.coreboot.org/mailman/listinfo/coreboot