avr
/
avrdude
mirror of https://github.com/mariusgreuel/avrdude.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Submitted by Carl Hamilton: 

* update.c (parse_op): correctly \0-terminate buf after filling
it, before it is potentially used as the source of a call to
strlen or strcpy.


git-svn-id: svn://svn.savannah.nongnu.org/avrdude/trunk@819 81a1dc3b-b13d-400b-aceb-764788c761c2
This commit is contained in:
Joerg Wunsch 2009-04-28 18:35:14 +00:00
parent 5290713bb9
commit 1c55f53261
2 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
avrdude/ChangeLog
View File

@ -1,3 +1,10 @@
2009-04-28 Joerg Wunsch <j.gnu@uriah.heep.sax.de>
Submitted by Carl Hamilton:
* update.c (parse_op): correctly \0-terminate buf after filling
it, before it is potentially used as the source of a call to
strlen or strcpy.
2009-04-14 Joerg Wunsch <j.gnu@uriah.heep.sax.de>
* doc/avrdude.texi: Merge the -P 0xXXX option description from

3
avrdude/update.c
View File

@ -51,6 +51,7 @@ UPDATE * parse_op(char * s)
p = s;
while ((i < (sizeof(buf)-1) && *p && (*p != ':')))
buf[i++] = *p++;
buf[i] = 0;
if (*p != ':') {
upd->memtype = (char *)malloc(strlen("flash")+1);
@ -69,8 +70,6 @@ UPDATE * parse_op(char * s)
return upd;
}
buf[i] = 0;
upd->memtype = (char *)malloc(strlen(buf)+1);
if (upd->memtype == NULL) {
fprintf(stderr, "%s: out of memory\n", progname);