Prevent a stack overflow in fit_check_sign

It is trivial to crash fit_check_sign by invoking with an
absolute path in a deeply nested directory.  This is exposed
by vboot_test.sh.

Signed-off-by: Michael van der Westhuizen <michael@smart-africa.com>
Acked-by: Simon Glass <sjg@chromium.org>

diff --git a/tools/fit_check_sign.c b/tools/fit_check_sign.c
index d6d93400949bacfab2678bdc8376520079682367..817773d48a0bbb37934c565835d39e7111e5f059 100644 (file)
--- a/tools/fit_check_sign.c
+++ b/tools/fit_check_sign.c
@@ -42,12 +42,13 @@ int main(int argc, char **argv)
        void *fit_blob;
        char *fdtfile = NULL;
        char *keyfile = NULL;
-       char cmdname[50];
+       char cmdname[256];
        int ret;
        void *key_blob;
        int c;
 
-       strcpy(cmdname, *argv);
+       strncpy(cmdname, *argv, sizeof(cmdname) - 1);
+       cmdname[sizeof(cmdname) - 1] = '\0';
        while ((c = getopt(argc, argv, "f:k:")) != -1)
                switch (c) {
                case 'f':