am 42b871f1: am c37ba1c9: Merge "Check fastboot oem command line length" Merge commit '42b871f1bfc116d53d1bff9d7497415494b2e0e0' * commit '42b871f1bfc116d53d1bff9d7497415494b2e0e0': Check fastboot oem command line length

commit: 69f2d3ce91f18dd20441dc4c51839add63cac3e1 [log] [tgz]
author: Jean-Baptiste Queru <jbq@google.com> Thu Jul 29 11:11:07 2010 -0700
committer: Android Git Automerger <android-git-automerger@android.com> Thu Jul 29 11:11:07 2010 -0700
tree: 32949c90af2724830f5204ca6e3df7f75b728fd4
parent: e1de54455565b318089a7aff8b5e9a6ce51c7574 [diff]
parent: 42b871f1bfc116d53d1bff9d7497415494b2e0e0 [diff]
diff --git a/fastboot/engine.c b/fastboot/engine.c
index ee68f26..28a0ad9 100644
--- a/fastboot/engine.c
+++ b/fastboot/engine.c

@@ -97,14 +97,20 @@
 {
     Action *a;
     va_list ap;
+    size_t cmdsize;
 
     a = calloc(1, sizeof(Action));
     if (a == 0) die("out of memory");
 
     va_start(ap, fmt);
-    vsprintf(a->cmd, fmt, ap);
+    cmdsize = vsnprintf(a->cmd, sizeof(a->cmd), fmt, ap);
     va_end(ap);
 
+    if (cmdsize >= sizeof(a->cmd)) {
+        free(a);
+        die("Command length (%d) exceeds maximum size (%d)", cmdsize, sizeof(a->cmd));
+    }
+
     if (action_last) {
         action_last->next = a;
     } else {
commit	69f2d3ce91f18dd20441dc4c51839add63cac3e1	[log] [tgz]
author	Jean-Baptiste Queru <jbq@google.com>	Thu Jul 29 11:11:07 2010 -0700
committer	Android Git Automerger <android-git-automerger@android.com>	Thu Jul 29 11:11:07 2010 -0700
tree	32949c90af2724830f5204ca6e3df7f75b728fd4
parent	e1de54455565b318089a7aff8b5e9a6ce51c7574 [diff]
parent	42b871f1bfc116d53d1bff9d7497415494b2e0e0 [diff]