From 7fdf25e0446e0fa4acc16aac6e285aa61772c1eb Mon Sep 17 00:00:00 2001 From: Mark Cave-Ayland Date: Fri, 2 Apr 2010 08:33:07 +0000 Subject: [PATCH] Switch the bootinfo-loader over to using strncasecmp rather than strcasecmp which should be much safer on binary buffersi of unknown content/length. Signed-off-by: Mark Cave-Ayland git-svn-id: svn://coreboot.org/openbios/trunk/openbios-devel@722 f158a5a8-5612-0410-a976-696ce0be7e32 --- include/libc/string.h | 1 + libc/string.c | 15 +++++++++++++++ packages/bootinfo-loader.c | 22 +++++++++++----------- 3 files changed, 27 insertions(+), 11 deletions(-) diff --git a/include/libc/string.h b/include/libc/string.h index a8a9f0a..09793e1 100644 --- a/include/libc/string.h +++ b/include/libc/string.h @@ -52,6 +52,7 @@ extern void *memchr(const void *s, int c, size_t n); extern char *strdup( const char *str ); extern int strcasecmp( const char *cs, const char *ct ); +extern int strncasecmp( const char *cs, const char *ct, size_t count ); extern char *strncpy_nopad( char *dest, const char *src, size_t n ); diff --git a/libc/string.c b/libc/string.c index bfa3551..2c08cd2 100644 --- a/libc/string.c +++ b/libc/string.c @@ -511,3 +511,18 @@ strcasecmp( const char *cs, const char *ct ) } return __res; } + +int +strncasecmp( const char *cs, const char *ct, size_t count ) +{ + register signed char __res; + + while (count--) { + char ch1 = toupper(*cs), ch2 = toupper(*ct); + ct++; + if ((__res = ch1 - ch2) != 0 || !*cs++) + break; + } + return __res; +} + diff --git a/packages/bootinfo-loader.c b/packages/bootinfo-loader.c index 09993f8..46a4c85 100644 --- a/packages/bootinfo-loader.c +++ b/packages/bootinfo-loader.c @@ -167,13 +167,13 @@ bootinfo_loader_init_program( void *dummy ) } else if (c == '>') { tag = 0; tagbuf[taglen] = '\0'; - if (strcasecmp(tagbuf, "chrp-boot") == 0) { + if (strncasecmp(tagbuf, "chrp-boot", 9) == 0) { chrp = 1; } else if (chrp == 1) { - if (strcasecmp(tagbuf, "boot-script") == 0) { + if (strncasecmp(tagbuf, "boot-script", 11) == 0) { script = 1; scriptlen = 0; - } else if (strcasecmp(tagbuf, "/boot-script") == 0) { + } else if (strncasecmp(tagbuf, "/boot-script", 12) == 0) { script = 0; bootscript[scriptlen] = '\0'; @@ -184,7 +184,7 @@ bootinfo_loader_init_program( void *dummy ) feval("-1 state-valid !"); break; - } else if (strcasecmp(tagbuf, "/chrp-boot") == 0) + } else if (strncasecmp(tagbuf, "/chrp-boot", 10) == 0) break; } } else if (tag && taglen < sizeof(tagbuf)) { @@ -195,26 +195,26 @@ bootinfo_loader_init_program( void *dummy ) } else if (entity && c ==';') { entity = 0; tagbuf[taglen] = '\0'; - if (strcasecmp(tagbuf, "lt") == 0) { + if (strncasecmp(tagbuf, "lt", 2) == 0) { bootscript[scriptlen++] = '<'; - } else if (strcasecmp(tagbuf, "gt") == 0) { + } else if (strncasecmp(tagbuf, "gt", 2) == 0) { bootscript[scriptlen++] = '>'; - } else if (strcasecmp(tagbuf, "device") == 0) { + } else if (strncasecmp(tagbuf, "device", 6) == 0) { strcpy(bootscript + scriptlen, device); scriptlen += strlen(device); - } else if (strcasecmp(tagbuf, "partition") == 0) { + } else if (strncasecmp(tagbuf, "partition", 9) == 0) { if (partition != -1) sprintf(bootscript + scriptlen, "%d", partition); else *(bootscript + scriptlen) = 0; scriptlen = strlen(bootscript); - } else if (strcasecmp(tagbuf, "directory") == 0) { + } else if (strncasecmp(tagbuf, "directory", 9) == 0) { strcpy(bootscript + scriptlen, directory); scriptlen += strlen(directory); - } else if (strcasecmp(tagbuf, "filename") == 0) { + } else if (strncasecmp(tagbuf, "filename", 8) == 0) { strcpy(bootscript + scriptlen, filename); scriptlen += strlen(filename); - } else if (strcasecmp(tagbuf, "full-path") == 0) { + } else if (strncasecmp(tagbuf, "full-path", 9) == 0) { strcpy(bootscript + scriptlen, bootpath); scriptlen += strlen(bootpath); } else { /* unknown, keep it */