Submitted by Carl Hamilton:
* update.c (parse_op): correctly \0-terminate buf after filling it, before it is potentially used as the source of a call to strlen or strcpy. git-svn-id: svn://svn.savannah.nongnu.org/avrdude/trunk/avrdude@819 81a1dc3b-b13d-400b-aceb-764788c761c2
This commit is contained in:
parent
be3f603c3d
commit
52321cc73e
|
@ -1,3 +1,10 @@
|
|||
2009-04-28 Joerg Wunsch <j.gnu@uriah.heep.sax.de>
|
||||
|
||||
Submitted by Carl Hamilton:
|
||||
* update.c (parse_op): correctly \0-terminate buf after filling
|
||||
it, before it is potentially used as the source of a call to
|
||||
strlen or strcpy.
|
||||
|
||||
2009-04-14 Joerg Wunsch <j.gnu@uriah.heep.sax.de>
|
||||
|
||||
* doc/avrdude.texi: Merge the -P 0xXXX option description from
|
||||
|
|
3
update.c
3
update.c
|
@ -51,6 +51,7 @@ UPDATE * parse_op(char * s)
|
|||
p = s;
|
||||
while ((i < (sizeof(buf)-1) && *p && (*p != ':')))
|
||||
buf[i++] = *p++;
|
||||
buf[i] = 0;
|
||||
|
||||
if (*p != ':') {
|
||||
upd->memtype = (char *)malloc(strlen("flash")+1);
|
||||
|
@ -69,8 +70,6 @@ UPDATE * parse_op(char * s)
|
|||
return upd;
|
||||
}
|
||||
|
||||
buf[i] = 0;
|
||||
|
||||
upd->memtype = (char *)malloc(strlen(buf)+1);
|
||||
if (upd->memtype == NULL) {
|
||||
fprintf(stderr, "%s: out of memory\n", progname);
|
||||
|
|
Loading…
Reference in New Issue