From: Jin Qian <jinqian@google.com>
Date: Mon, 17 Apr 2017 23:13:20 +0000 (-0700)
Subject: libblkid: fix buffer overflow scanning partition name
X-Git-Tag: v1.44.0-rc1~87
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=820344d352301847acee8e08b5f47b443fde846f;p=thirdparty%2Fe2fsprogs.git

libblkid: fix buffer overflow scanning partition name

If "line" is carefully crafted, sscanf will write 1 byte over ptname.

Bug: 36103037
Change-Id: Ia19e032d7c65edc27373ebccc0a5569f0fa31161
From AOSP commit: 085e63d064620c763a62406a5ff4299bcee1838e

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
---

diff --git a/lib/blkid/devname.c b/lib/blkid/devname.c
index 671e781f0..444afdc9e 100644
--- a/lib/blkid/devname.c
+++ b/lib/blkid/devname.c
@@ -397,7 +397,7 @@ static int probe_all(blkid_cache cache, int only_if_new)
 {
 	FILE *proc;
 	char line[1024];
-	char ptname0[128], ptname1[128], *ptname = 0;
+	char ptname0[129], ptname1[129], *ptname = 0;
 	char *ptnames[2];
 	dev_t devs[2];
 	int ma, mi;