fs/hfs: Fix stack OOB write with grub_strcpy()

Replaced with grub_strlcpy(). Fixes: CVE-2024-45782 Fixes: CVE-2024-56737 Fixes: https://savannah.gnu.org/bugs/?66599 Reported-by: B Horn <b@horn.uk> Signed-off-by: B Horn <b@horn.uk> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2024-05-12 02:48:33 +01:00 · 2024-05-12 02:48:33 +01:00 · 417547c104
commit 417547c104
parent c1a291b01f
1 changed files with 1 additions and 1 deletions
--- a/grub-core/fs/hfs.c
+++ b/grub-core/fs/hfs.c
@ -379,7 +379,7 @@ grub_hfs_mount (grub_disk_t disk)
     volume name.  */
  key.parent_dir = grub_cpu_to_be32_compile_time (1);
  key.strlen = data->sblock.volname[0];
-  grub_strcpy ((char *) key.str, (char *) (data->sblock.volname + 1));
+  grub_strlcpy ((char *) key.str, (char *) (data->sblock.volname + 1), sizeof (key.str));

  if (grub_hfs_find_node (data, (char *) &key, data->cat_root,
 			  0, (char *) &dir, sizeof (dir)) == 0)