From 478b5675209ab0263b8271764ef85d8fc1faec42 Mon Sep 17 00:00:00 2001
From: Andrei Borzenkov <arvidjaar@gmail.com>
Date: Fri, 28 Nov 2014 20:39:22 +0300
Subject: [PATCH 118/506] grub-mkstandalone: out of bound access to tar header
magic
Magic size is 6 bytes and we copied 7 bytes in it.
CID: 73587, 73888
Closes bug 43690
---
ChangeLog | 5 +++++
util/grub-mkstandalone.c | 4 ++--
2 files changed, 7 insertions(+), 2 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 6fbec06..930ceb2 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+2014-11-28 Andrei Borzenkov <arvidjaar@gmail.com>
+
+ * util/grub-mkstandalone.c (add_tar_file): Fix out of bound access
+ to hd.magic (Coverity CID 73587, 73888, bug 43690).
+
2014-11-20 Andrei Borzenkov <arvidjaar@gmail.com>
* tests/util/grub-fs-tester.in: Consistently print output
diff --git a/util/grub-mkstandalone.c b/util/grub-mkstandalone.c
index 8e2a2b8..6017d71 100644
--- a/util/grub-mkstandalone.c
+++ b/util/grub-mkstandalone.c
@@ -236,7 +236,7 @@ add_tar_file (const char *from,
set_tar_value (hd.size, optr - tcn, 12);
set_tar_value (hd.mtime, mtime, 12);
hd.typeflag = 'L';
- memcpy (hd.magic, "ustar ", 7);
+ memcpy (hd.magic, MAGIC, sizeof (hd.magic));
memcpy (hd.uname, "grub", 4);
memcpy (hd.gname, "grub", 4);
@@ -266,7 +266,7 @@ add_tar_file (const char *from,
set_tar_value (hd.size, size, 12);
set_tar_value (hd.mtime, mtime, 12);
hd.typeflag = '0';
- memcpy (hd.magic, "ustar ", 7);
+ memcpy (hd.magic, MAGIC, sizeof (hd.magic));
memcpy (hd.uname, "grub", 4);
memcpy (hd.gname, "grub", 4);
--
2.4.3