From: Darrick J. Wong <darrick.wong@xxxxxxxxxx>
When we're trying to set a new label, check the length to make sure we
won't overflow the label size, and size label[] so that we can use
strncpy without static checker complaints.
Signed-off-by: Darrick J. Wong <darrick.wong@xxxxxxxxxx>
---
io/label.c | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/io/label.c b/io/label.c
index 602ece89..72e07964 100644
--- a/io/label.c
+++ b/io/label.c
@@ -40,7 +40,7 @@ label_f(
{
int c;
int error;
- char label[FSLABEL_MAX];
+ char label[FSLABEL_MAX + 1];
if (argc == 1) {
memset(label, 0, sizeof(label));
@@ -54,7 +54,13 @@ label_f(
label[0] = '\0';
break;
case 's':
- strncpy(label, optarg, sizeof(label));
+ if (strlen(optarg) > FSLABEL_MAX) {
+ errno = EINVAL;
+ error = 1;
+ goto out;
+ }
+ strncpy(label, optarg, sizeof(label) - 1);
+ label[sizeof(label) - 1] = 0;
break;
default:
return command_usage(&label_cmd);
