aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPetr Štetiar <ynezz@true.cz>2019-07-26 14:45:32 +0200
committerPetr Štetiar <ynezz@true.cz>2020-07-11 13:33:28 +0200
commit61b36ee9ba8dcf2b7a935900af603a946408c6ab (patch)
tree086c30e4951e380f9064abf9d3a90e1ee7335d5a
parente027df97fc69dbdf0e770d5e3cf1f85228116ef9 (diff)
downloadupstream-61b36ee9ba8dcf2b7a935900af603a946408c6ab.tar.gz
upstream-61b36ee9ba8dcf2b7a935900af603a946408c6ab.tar.bz2
upstream-61b36ee9ba8dcf2b7a935900af603a946408c6ab.zip
firmware-utils: mkfwimage: fix memcpy and strncpy usage
Firmware is binary blob, so there are barely any NULL terminated strings expected, so we should probably convert all chars into u8 types, and after that it's clear, that using strcpy doesn't make sense anymore. This is rather theoretical stuff, but `uint8_t name[PART_NAME_LENGTH]` means, that you can supply PART_NAME_LENGTH sized name, not PART_NAME_LENGTH-1 name when NULL terminated. Ref: https://github.com/openwrt/openwrt/pull/2274 Fixes: 04cb651376f9 ("firmware-utils: mkfwimage: fix more errors reported by gcc-6/7/9") Signed-off-by: Petr Štetiar <ynezz@true.cz>
-rw-r--r--tools/firmware-utils/src/fw.h15
-rw-r--r--tools/firmware-utils/src/mkfwimage.c18
-rw-r--r--tools/firmware-utils/src/utils.h11
3 files changed, 28 insertions, 16 deletions
diff --git a/tools/firmware-utils/src/fw.h b/tools/firmware-utils/src/fw.h
index 53a92a573c..778143d2c4 100644
--- a/tools/firmware-utils/src/fw.h
+++ b/tools/firmware-utils/src/fw.h
@@ -19,6 +19,7 @@
#ifndef FW_INCLUDED
#define FW_INCLUDED
+#include <stdint.h>
#include <sys/types.h>
#define MAGIC_HEADER "OPEN"
@@ -30,16 +31,16 @@
#define PART_NAME_LENGTH 16
typedef struct header {
- char magic[MAGIC_LENGTH];
- char version[256];
+ uint8_t magic[MAGIC_LENGTH];
+ uint8_t version[256];
u_int32_t crc;
u_int32_t pad;
} __attribute__ ((packed)) header_t;
typedef struct part {
- char magic[MAGIC_LENGTH];
- char name[PART_NAME_LENGTH];
- char pad[12];
+ uint8_t magic[MAGIC_LENGTH];
+ uint8_t name[PART_NAME_LENGTH];
+ uint8_t pad[12];
u_int32_t memaddr;
u_int32_t index;
u_int32_t baseaddr;
@@ -54,13 +55,13 @@ typedef struct part_crc {
} __attribute__ ((packed)) part_crc_t;
typedef struct signature {
- char magic[MAGIC_LENGTH];
+ uint8_t magic[MAGIC_LENGTH];
u_int32_t crc;
u_int32_t pad;
} __attribute__ ((packed)) signature_t;
typedef struct signature_rsa {
- char magic[MAGIC_LENGTH];
+ uint8_t magic[MAGIC_LENGTH];
// u_int32_t crc;
unsigned char rsa_signature[256];
u_int32_t pad;
diff --git a/tools/firmware-utils/src/mkfwimage.c b/tools/firmware-utils/src/mkfwimage.c
index ff9011a0c4..591ce44a78 100644
--- a/tools/firmware-utils/src/mkfwimage.c
+++ b/tools/firmware-utils/src/mkfwimage.c
@@ -32,6 +32,7 @@
#include <limits.h>
#include <stdbool.h>
#include "fw.h"
+#include "utils.h"
typedef struct fw_layout_data {
u_int32_t kern_start;
@@ -204,21 +205,20 @@ static void write_header(void* mem, const char *magic, const char* version)
header_t* header = mem;
memset(header, 0, sizeof(header_t));
- memcpy(header->magic, magic, MAGIC_LENGTH);
- strncpy(header->version, version, sizeof(header->version));
- header->crc = htonl(crc32(0L, (unsigned char *)header,
- sizeof(header_t) - 2 * sizeof(u_int32_t)));
+ FW_MEMCPY_STR(header->magic, magic);
+ FW_MEMCPY_STR(header->version, version);
+ header->crc = htonl(crc32(0L, (uint8_t*) header,
+ sizeof(header_t) - 2 * sizeof(u_int32_t)));
header->pad = 0L;
}
-
static void write_signature(void* mem, u_int32_t sig_offset)
{
/* write signature */
signature_t* sign = (signature_t*)(mem + sig_offset);
memset(sign, 0, sizeof(signature_t));
- memcpy(sign->magic, MAGIC_END, MAGIC_LENGTH);
+ FW_MEMCPY_STR(sign->magic, MAGIC_END);
sign->crc = htonl(crc32(0L,(unsigned char *)mem, sig_offset));
sign->pad = 0L;
}
@@ -229,7 +229,7 @@ static void write_signature_rsa(void* mem, u_int32_t sig_offset)
signature_rsa_t* sign = (signature_rsa_t*)(mem + sig_offset);
memset(sign, 0, sizeof(signature_rsa_t));
- memcpy(sign->magic, MAGIC_ENDS, MAGIC_LENGTH);
+ FW_MEMCPY_STR(sign->magic, MAGIC_ENDS);
// sign->crc = htonl(crc32(0L,(unsigned char *)mem, sig_offset));
sign->pad = 0L;
}
@@ -259,8 +259,8 @@ static int write_part(void* mem, part_data_t* d)
munmap(addr, d->stats.st_size);
memset(p->name, 0, PART_NAME_LENGTH);
- memcpy(p->magic, MAGIC_PART, MAGIC_LENGTH);
- memcpy(p->name, d->partition_name, PART_NAME_LENGTH);
+ FW_MEMCPY_STR(p->magic, MAGIC_PART);
+ FW_MEMCPY_STR(p->name, d->partition_name);
p->index = htonl(d->partition_index);
p->data_size = htonl(d->stats.st_size);
diff --git a/tools/firmware-utils/src/utils.h b/tools/firmware-utils/src/utils.h
new file mode 100644
index 0000000000..11ec740069
--- /dev/null
+++ b/tools/firmware-utils/src/utils.h
@@ -0,0 +1,11 @@
+#include <stdint.h>
+#include <string.h>
+
+#pragma once
+
+#define FW_MEMCPY_STR(dst, src) \
+ do { \
+ size_t slen = strlen(src); \
+ size_t dlen = sizeof(dst); \
+ memcpy(dst, src, slen > dlen ? dlen : slen); \
+ } while (0);