When debuginfod_query_server is given a hexadecimal string as
build-id, build_id_len will be zero. We were checking the size of
the build_id_bytes destination string instead of the string length
of the build_id input string. Make sure the input string is not too
big or strcpy might overwrite the end of the build_id_bytes array.

Signed-off-by: Mark Wielaard <mark@klomp.org>
+2020-06-16 Mark Wielaard <mark@klomp.org>
+
+ * debuginfod-client.c (debuginfod_query_server): Replace sizeof
+ build_id_bytes check with strlen build_id check.
+
2020-06-16 Mark Wielaard <mark@klomp.org>
* debuginfod-client.c (debuginfod_query_server): Increase suffix
/* Copy lowercase hex representation of build_id into buf. */
if ((build_id_len >= MAX_BUILD_ID_BYTES) ||
(build_id_len == 0 &&
- sizeof(build_id_bytes) > MAX_BUILD_ID_BYTES*2 + 1))
+ strlen ((const char *) build_id) > MAX_BUILD_ID_BYTES*2))
return -EINVAL;
if (build_id_len == 0) /* expect clean hexadecimal */
strcpy (build_id_bytes, (const char *) build_id);
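Review bot: the new bound in `strlen ((const char *) build_id) > MAX_BUILD_ID_BYTES*2` is still a constant that has to be kept in step with the declaration of build_id_bytes, which this hunk does not show. The strcpy that follows writes up to MAX_BUILD_ID_BYTES*2 + 1 bytes including the terminating NUL, so the check is only safe while the array is at least that large. Comparing against the destination directly, for example `strlen ((const char *) build_id) >= sizeof (build_id_bytes)`, would keep the two from drifting apart if the array size ever changes. Separately, the comment on the copy says "expect clean hexadecimal", but nothing in the visible lines verifies that the input contains only hex digits before it is copied; if later code relies on that, a validation loop here would make the expectation explicit.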