Prevent setting zero beyond the bound
The &cmd will return a pointer which points to a pointer of cmdline.
It is a memory address which is usually 8 bytes on a 64-bit machine.

However, the struct cmdline is 4 bytes. This will cause setting zero
beyond the bound.

Below is a simple example to show the difference:

#include <stdio.h>

struct cmdline {
        char skip_initramfs;
        char slot[3];
};

static void parse_cmdline(struct cmdline *cmd)
{
        /* size of the pointee, struct cmdline */
        printf("%zu\n", sizeof(*cmd)); /* 4 */
        /* size of a pointer to the pointer, i.e. struct cmdline ** */
        printf("%zu\n", sizeof(&cmd)); /* 8 */
}

int main(void)
{
        struct cmdline cmd;
        parse_cmdline(&cmd);
        return 0;
}

This patch prevents this.

Signed-off-by: npes87184 <[email protected]>
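To make the out-of-bounds write from the old line observable, here is an added example (my own harness, not Magisk's code): a guard buffer is placed directly behind a `struct cmdline` and each form of the memset is run against it, counting how many guard bytes get clobbered. The `struct probe` layout and the helper names are assumptions made for this demonstration.

```c
#include <stdio.h>
#include <string.h>

/* Same layout as the struct in the commit message: 4 bytes. */
struct cmdline {
    char skip_initramfs;
    char slot[3];
};

/* Constructed harness (assumption, not from the Magisk source): a sentinel
 * buffer sits right behind the struct so an over-long memset is visible. */
struct probe {
    struct cmdline cmd;
    unsigned char guard[8];
};

/* Buggy form: sizeof(&cmd) is sizeof(struct cmdline **), a pointer size,
 * so on a 64-bit target this zeroes 8 bytes starting at a 4-byte object. */
static void clear_buggy(struct cmdline *cmd)
{
    memset(cmd, 0, sizeof(&cmd));
}

/* Fixed form from the patch: sizeof(*cmd) is the size of the pointee. */
static void clear_fixed(struct cmdline *cmd)
{
    memset(cmd, 0, sizeof(*cmd));
}

/* Runs one clear routine on the probe and returns how many guard bytes
 * were overwritten; 0 means the write stayed inside struct cmdline. */
static size_t guard_bytes_clobbered(void (*clear)(struct cmdline *))
{
    struct probe p;
    size_t i, clobbered = 0;
    memset(p.guard, 0xAA, sizeof p.guard);
    memset(&p.cmd, 0x55, sizeof p.cmd);
    clear(&p.cmd);
    for (i = 0; i < sizeof p.guard; i++)
        if (p.guard[i] != 0xAA)
            clobbered++;
    return clobbered;
}

int main(void)
{
    printf("buggy memset clobbered %zu guard byte(s)\n", guard_bytes_clobbered(clear_buggy));
    printf("fixed memset clobbered %zu guard byte(s)\n", guard_bytes_clobbered(clear_fixed));
    return 0;
}
```

On an LP64 build the buggy form reports 4 clobbered bytes (8-byte pointer minus the 4-byte struct) and the fixed form reports 0.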
npes87184 authored and topjohnwu committed Jun 19, 2018
1 parent c0ca99f commit 312466a
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion native/jni/core/magiskinit.c
Expand Up @@ -75,7 +75,7 @@ struct device {

static void parse_cmdline(struct cmdline *cmd) {
// cleanup
memset(cmd, 0, sizeof(&cmd));
memset(cmd, 0, sizeof(*cmd));

char cmdline[4096];
mkdir("/proc", 0555);
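Review bot: The memset change is the correct fix: `sizeof(&cmd)` is the size of a `struct cmdline **`, i.e. a pointer (8 bytes on 64-bit), so the removed line zeroed past the end of the caller's `struct cmdline` whenever that struct is smaller than a pointer, which the commit message says it is (4 bytes). `sizeof(*cmd)` ties the length to the pointee type, so it stays correct if the struct changes. One small style point: the `// cleanup` comment could say what is being cleared and why, e.g. `// zero the parsed cmdline before filling it in`, since the original mistake shows the intent of the line was not obvious.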