[microcode_ctl] fix buffer overflow, bug 768803
Anton Arapov
aarapov at fedoraproject.org
Thu Dec 22 13:00:17 UTC 2011
commit ae1d259eb6f032df2243894e9fdcc431ad910816
Author: Anton Arapov <anton at redhat.com>
Date: Thu Dec 22 13:59:24 2011 +0100
fix buffer overflow, bug 768803
Signed-off-by: Anton Arapov <anton at redhat.com>
microcode_ctl-1.17-getopt.patch | 23 +++++++++++++++++++++++
microcode_ctl.spec | 7 ++++++-
2 files changed, 29 insertions(+), 1 deletions(-)
---
diff --git a/microcode_ctl-1.17-getopt.patch b/microcode_ctl-1.17-getopt.patch
new file mode 100644
index 0000000..ce5b295
--- /dev/null
+++ b/microcode_ctl-1.17-getopt.patch
@@ -0,0 +1,23 @@
+diff -up microcode_ctl-1.17/microcode_ctl.c.getopt microcode_ctl-1.17/microcode_ctl.c
+--- microcode_ctl-1.17/microcode_ctl.c.getopt 2011-12-22 13:15:55.073783568 +0100
++++ microcode_ctl-1.17/microcode_ctl.c 2011-12-22 13:14:22.000000000 +0100
+@@ -151,7 +151,8 @@ int main(int argc, char *argv[])
+ break;
+
+ case 'd':
+- strcpy(device, optarg);
++ strncpy(device, optarg, sizeof(device));
++ device[sizeof(device)-1] = '\0'; /* ensure null terminated */
+ break;
+
+ case 'u': /* do a microcode upload */
+@@ -160,7 +161,8 @@ int main(int argc, char *argv[])
+
+ case 'f': /* set microcode file to optarg and upload */
+ upload++;
+- strcpy(filename, optarg);
++ strncpy(filename, optarg, sizeof(filename));
++ filename[sizeof(filename)-1] = '\0'; /* ensure null terminated */
+ break;
+
+ case '?':
diff --git a/microcode_ctl.spec b/microcode_ctl.spec
index 1321e73..d1b91b4 100644
--- a/microcode_ctl.spec
+++ b/microcode_ctl.spec
@@ -1,7 +1,7 @@
Summary: Tool to update x86/x86-64 CPU microcode.
Name: microcode_ctl
Version: 1.17
-Release: 20%{?dist}
+Release: 21%{?dist}
Epoch: 1
Group: System Environment/Base
License: GPLv2+ and Redistributable, no modification permitted
@@ -23,6 +23,7 @@ ExclusiveArch: %{ix86} x86_64
Patch1: microcode_ctl.patch
Patch2: microcode_ctl-manpage-0.patch
+Patch3: microcode_ctl-1.17-getopt.patch
%description
microcode_ctl - updates the microcode on Intel and AMD x86/x86-64 CPU's
@@ -31,6 +32,7 @@ microcode_ctl - updates the microcode on Intel and AMD x86/x86-64 CPU's
%setup -q
%patch1 -p1
%patch2 -p1
+%patch3 -p1
tar xf %{SOURCE3}
%build
@@ -83,6 +85,9 @@ exit 0
%changelog
+* Thu Dec 22 2011 Anton Arapov <anton at redhat.com> 1.17-21
+- Fix a segfault that may be triggered by very long parameter [#768803]
+
* Tue Dec 13 2011 Anton Arapov <anton at redhat.com> 1.17-20
- Update to microcode-20111110.dat
More information about the scm-commits
mailing list