Cursor up copies the last line into the buffer without checking if it fits into the current buffer. Fix this using safe_strncpy. Signed-off-by: Sascha Hauer <s.hauer@xxxxxxxxxxxxxx> --- lib/readline.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/readline.c b/lib/readline.c index 4c9bb76..cac9670 100644 --- a/lib/readline.c +++ b/lib/readline.c @@ -1,6 +1,7 @@ #include <common.h> #include <readkey.h> #include <init.h> +#include <libbb.h> #include <xfuncs.h> #include <complete.h> #include <linux/ctype.h> @@ -321,7 +322,7 @@ int readline(const char *prompt, char *buf, int len) ERASE_TO_EOL(); /* copy new line into place and display */ - strcpy(buf, hline); + safe_strncpy(buf, hline, len); eol_num = strlen(buf); REFRESH_TO_EOL(); continue; -- 2.6.2 _______________________________________________ barebox mailing list barebox@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/barebox
