From 514063a6d7a628e358894b6a6a6cb089c264fc09 Mon Sep 17 00:00:00 2001 From: Aviv Daum Date: Thu, 19 Mar 2026 00:53:32 +0200 Subject: mtd-utils: tests: jittertest: reject overlong file names plotJittervsFill copies the -f argument into a 250-byte buffer with strncpy(..., sizeof(LogFile)). A 250-byte file name leaves the buffer unterminated, and the subsequent fopen() reads past the end of LogFile. JitterTest uses the same fixed-size file name pattern for -r, while -c still silently truncates overlong names and -f already rejects them. Validate jittertest file name arguments before copying them so these options all reject overlong input instead of truncating it or reading past the end of fixed-size buffers. Add a shell regression test that exercises the accepted and rejected boundary lengths for plotJittervsFill and JitterTest during make check. Signed-off-by: Aviv Daum Signed-off-by: David Oberhollenzer --- tests/jittertest/Makemodule.am | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'tests/jittertest/Makemodule.am') diff --git a/tests/jittertest/Makemodule.am b/tests/jittertest/Makemodule.am index d280192..2cb85c1 100644 --- a/tests/jittertest/Makemodule.am +++ b/tests/jittertest/Makemodule.am @@ -6,6 +6,8 @@ plotJittervsFill_CPPFLAGS = $(AM_CPPFLAGS) test_PROGRAMS += JitterTest plotJittervsFill -test_SCRIPTS += tests/jittertest/filljffs2.sh +test_SCRIPTS += tests/jittertest/filljffs2.sh tests/jittertest/filename_bounds.sh +TESTS += tests/jittertest/filename_bounds.sh -EXTRA_DIST += tests/jittertest/README tests/jittertest/filljffs2.sh +EXTRA_DIST += tests/jittertest/README tests/jittertest/filljffs2.sh \ + tests/jittertest/filename_bounds.sh.in -- cgit v1.2.3