Message ID | 20180420132931.22250-3-ada@thorsis.com |
---|---|
State | Accepted |
Commit | c3b115f4b7b05203da4233463a4fb87fa9c267ac |
Delegated to: | Tom Rini |
Headers | show |
Series | tools: mkenvimage: Fix input from STDIN | expand |
On Fri, Apr 20, 2018 at 03:29:31PM +0200, Alexander Dahl wrote: > The size of 'filebuf' was not increased as more and more bytes are read > from stdin, but 'filebuf' was always reallocated to the same fix size. > This works as long as only less bytes than the initial buffer size come > in, for more input this will segfault. (It actually does, I tested > that.) So for each loop cycle the buffer size has to be increased by the > number of bytes we want to read. > > Signed-off-by: Alexander Dahl <ada@thorsis.com> Applied to u-boot/master, thanks!
diff --git a/tools/mkenvimage.c b/tools/mkenvimage.c index 716cb73a5c..8cd9ffa1c6 100644 --- a/tools/mkenvimage.c +++ b/tools/mkenvimage.c @@ -162,7 +162,7 @@ int main(int argc, char **argv) txt_fd = STDIN_FILENO; do { - filebuf = realloc(filebuf, readlen); + filebuf = realloc(filebuf, filesize + readlen); if (!filebuf) { fprintf(stderr, "Can't realloc memory for the input file buffer\n"); return EXIT_FAILURE;
The size of 'filebuf' was not increased as more and more bytes are read from stdin, but 'filebuf' was always reallocated to the same fix size. This works as long as only less bytes than the initial buffer size come in, for more input this will segfault. (It actually does, I tested that.) So for each loop cycle the buffer size has to be increased by the number of bytes we want to read. Signed-off-by: Alexander Dahl <ada@thorsis.com> --- tools/mkenvimage.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)