From: Alexander Dahl Date: Fri, 20 Apr 2018 13:29:31 +0000 (+0200) Subject: tools: mkenvimage: Fix possible segfault on stdin input X-Git-Tag: v2025.01-rc5-pxa1908~4421 X-Git-Url: http://git.dujemihanovic.xyz/img/html/index.html?a=commitdiff_plain;h=c3b115f4b7b05203da4233463a4fb87fa9c267ac;p=u-boot.git tools: mkenvimage: Fix possible segfault on stdin input The size of 'filebuf' was not increased as more and more bytes are read from stdin, but 'filebuf' was always reallocated to the same fix size. This works as long as only less bytes than the initial buffer size come in, for more input this will segfault. (It actually does, I tested that.) So for each loop cycle the buffer size has to be increased by the number of bytes we want to read. Signed-off-by: Alexander Dahl --- diff --git a/tools/mkenvimage.c b/tools/mkenvimage.c index 716cb73a5c..8cd9ffa1c6 100644 --- a/tools/mkenvimage.c +++ b/tools/mkenvimage.c @@ -162,7 +162,7 @@ int main(int argc, char **argv) txt_fd = STDIN_FILENO; do { - filebuf = realloc(filebuf, readlen); + filebuf = realloc(filebuf, filesize + readlen); if (!filebuf) { fprintf(stderr, "Can't realloc memory for the input file buffer\n"); return EXIT_FAILURE;