pa-fazil
/
android_system_core
mirror of https://github.com/fazilsheik96/android_system_core.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fastboot: zero-initialize fastboot_buffer struct 

The functions load_buf_fd()/load_buf() are not guaranteed to write all
struct members, e.g. buf->sz doesn't get an assignment in some
circumstances and as such is used uninitialized in various places, which
leads to code paths being taken that shouldn't be (e.g. in
copy_avb_footer).

See https://gitlab.archlinux.org/archlinux/packaging/packages/android-tools/-/issues/4

Change-Id: Ibdeda8fa47b95df46dd69a87e04d0e66734db2fe
This commit is contained in:
Luca Weiss 2024-02-15 09:37:34 +01:00 committed by Fazil Sheik
parent f61c5e51c6
commit d3a08fcb80
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
fastboot/fastboot.cpp
View File

@ -1487,7 +1487,7 @@ static std::string repack_ramdisk(const char* pname, struct fastboot_buffer* buf
void do_flash(const char* pname, const char* fname, const bool apply_vbmeta) {
verbose("Do flash %s %s", pname, fname);
struct fastboot_buffer buf;
struct fastboot_buffer buf{};
if (!load_buf(fname, &buf)) {
die("cannot load '%s': %s", fname, strerror(errno));