False positive buffer overflow detected by gcc because altinfo uses
information1, flashLayoutVer and fskernelCRC fields. We are sure, that
altinfo lengts is less than ALTTAGINFO_LEN, so it's safe to memcpy()
whole altinfo string ply terminating NUL byte.
Signed-off-by: Alexey I. Froloff <ra...@altlinux.org>
---
tools/firmware-utils/src/imagetag.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/tools/firmware-utils/src/imagetag.c
b/tools/firmware-utils/src/imagetag.c
index bebaba2..87d02d5 100644
--- a/tools/firmware-utils/src/imagetag.c
+++ b/tools/firmware-utils/src/imagetag.c
@@ -366,7 +366,7 @@ int tagfile(const char *kernel, const char *rootfs, const
char *bin, \
}
if (args->altinfo_given) {
- strncpy(&tag.information1[0], args->altinfo_arg, ALTTAGINFO_LEN);
+ memcpy(tag.information1, args->altinfo_arg,
strlen(args->altinfo_arg)+1);
}
if (args->second_image_flag_given) {
--
1.7.3.4
_______________________________________________
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
