On Mon, 4 Apr 2022 11:34:28 +0200 David Disseldorp <ddiss@xxxxxxx> wrote: > When processing a "file" entry, gen_init_cpio attempts to allocate a > buffer large enough to stage the entire contents of the source file. > It then attempts to fill the buffer via a single read() call and > subsequently writes out the entire buffer length, without checking that > read() returned the full length, potentially writing uninitialized > buffer memory. That was rather rude of it. > Fix this by breaking up file I/O into 64k chunks and only writing the > length returned by the prior read() call. Does this change fix any known or reported problems?
