From 3c13488cb1620fa3f206c089872660fed54edd8a Mon Sep 17 00:00:00 2001
From: Anton Arapov <anton@redhat.com>
Date: Jul 25 2012 10:26:38 +0000
Subject: Fix a segfault that may be triggered by very long parameter.


ssia

Signed-off-by: Anton Arapov <anton@redhat.com>

---

diff --git a/Changelog b/Changelog
index 051d9ad..8c5307b 100644
--- a/Changelog
+++ b/Changelog
@@ -57,3 +57,4 @@
 1.xx	25 July 2012, Anton Arapov <anton@redhat.com>
 	remove the microcode tarball from the tree
 	update microcode_ctl.8 manpage
+	fix a segfault that may be triggered by very long parameter
diff --git a/microcode_ctl.c b/microcode_ctl.c
index 08e6226..46b44b8 100644
--- a/microcode_ctl.c
+++ b/microcode_ctl.c
@@ -2,6 +2,7 @@
  * microcode_ctl - Manipulate /dev/cpu/microcode under Linux
  *
  * Copyright 2000 (c) Simon Trimmer, Tigran Aivazian.
+ * Copyright 2012 (c) Anton Arapov.
  *
  * This program is free software; you can redistribute it and/or
  * modify it under the terms of the GNU General Public License
@@ -147,7 +148,8 @@ int main(int argc, char *argv[])
 				break;
 
 			case 'd':
-				strcpy(device, optarg);
+				strncpy(device, optarg, sizeof(device));
+				device[sizeof(device)-1] = '\0'; /* ensure null terminated */
 				break;
 
 			case 'u': /* do a microcode upload */
@@ -156,7 +158,8 @@ int main(int argc, char *argv[])
 
 			case 'f': /* set microcode file to optarg and upload */
 				upload++;
-				strcpy(filename, optarg);
+				strncpy(filename, optarg, sizeof(filename));
+				filename[sizeof(filename)-1] = '\0'; /* ensure null terminated */
 				break;
 
 			case '?':