Commit 14ebbce2 authored by Committed by Milan Broz
Avoid buffer overflow in uuid_or_device.
The function uuid_or_device is prone to a buffer overflow if a very long spec has been defined. The range check happens against PATH_MAX, with i being set to 5 (due to "UUID=" offset of spec), but "/dev/disk/by-uuid" has been already written into device. The difference between "/dev/disk/by-uuid" and "UUID=" is 13, therefore the correct range check must happen against PATH_MAX - 13. @@ -204,7 +204,7 @@ const char *uuid_or_device(const char *spec) strcpy(device, "/dev/disk/by-uuid/");
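Review bot: The bound for the range check that follows `strcpy(device, "/dev/disk/by-uuid/");` is a bare 13, and only the commit message explains where it comes from. The message quotes the path as "/dev/disk/by-uuid" (17 bytes), but the string the strcpy writes has a trailing slash (18 bytes), and 18 minus the 5 bytes of "UUID=" is what gives 13. So the number is right for the code while the explanation is off by one character. I would derive the offset from the two literals, for example with `sizeof("/dev/disk/by-uuid/") - sizeof("UUID=")`, and put a short comment at the check, so the bound cannot drift if either prefix changes. The changed lines are not visible in this excerpt, so please also confirm that the new limit still leaves one byte for the terminating NUL in `device`.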
Showing with 1 addition and 1 deletion
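The arithmetic in the commit message, as an added example that is not the project's code: the hypothetical helper `uuid_spec_to_path` computes the prefix offset (18 - 5 = 13) from the string literals and checks the total length before writing anything. The helper name, the macros and the choice to reject over-long input instead of truncating it are assumptions made for this illustration.

```c
#include <limits.h>
#include <stddef.h>
#include <string.h>

#ifndef PATH_MAX
#define PATH_MAX 4096
#endif

#define SPEC_PREFIX "UUID="
#define DEV_PREFIX  "/dev/disk/by-uuid/"
/* Lengths without the terminating NUL, computed by the compiler. */
#define SPEC_PREFIX_LEN (sizeof(SPEC_PREFIX) - 1)	/* 5  */
#define DEV_PREFIX_LEN  (sizeof(DEV_PREFIX) - 1)	/* 18 */

/*
 * Hypothetical helper: map "UUID=<id>" to "/dev/disk/by-uuid/<id>" in
 * out[outsz]. Returns the length written (without NUL), or 0 if spec
 * lacks the prefix or the result would not fit.
 */
size_t uuid_spec_to_path(const char *spec, char *out, size_t outsz)
{
	size_t id_len;

	if (!spec || !out || strncmp(spec, SPEC_PREFIX, SPEC_PREFIX_LEN) != 0)
		return 0;

	id_len = strlen(spec + SPEC_PREFIX_LEN);
	/* Reject instead of truncating: prefix + id + NUL must all fit. */
	if (outsz <= DEV_PREFIX_LEN || id_len > outsz - DEV_PREFIX_LEN - 1)
		return 0;

	memcpy(out, DEV_PREFIX, DEV_PREFIX_LEN);
	/* id_len + 1 copies the terminating NUL as well. */
	memcpy(out + DEV_PREFIX_LEN, spec + SPEC_PREFIX_LEN, id_len + 1);
	return DEV_PREFIX_LEN + id_len;
}

/* Longest spec (bytes, without NUL) that still fits a PATH_MAX buffer. */
size_t max_spec_len(void)
{
	return (size_t)(PATH_MAX - 1) - DEV_PREFIX_LEN + SPEC_PREFIX_LEN;
}
```
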