logo

bootstrap-initrd

Linux initrd to bootstrap from a small binary seed git clone https://anongit.hacktivis.me/git/bootstrap-initrd.git/
commit: 23ae6131beed7a230516ef84cc3a8f36987c8ac5
parent 3ae9b755eb7d1bc63e9a76c6991eda84797f4016
Author: Haelwenn (lanodan) Monnier <contact@hacktivis.me>
Date:   Sun,  5 Oct 2025 21:53:46 +0200

extras/usign: Use static buffer for default sigfile path

Diffstat:

Aextras/usign-patches/0001-Use-static-buffer-for-default-sigfile-path.patch58++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Mmake-root.sh2++
2 files changed, 60 insertions(+), 0 deletions(-)

diff --git a/extras/usign-patches/0001-Use-static-buffer-for-default-sigfile-path.patch b/extras/usign-patches/0001-Use-static-buffer-for-default-sigfile-path.patch @@ -0,0 +1,58 @@ +From 2ae5ef7e311782bffb5c68b7aaceb98086352ece Mon Sep 17 00:00:00 2001 +From: "Haelwenn (lanodan) Monnier" <contact@hacktivis.me> +Date: Sun, 5 Oct 2025 21:29:44 +0200 +Subject: [PATCH] Use static buffer for default sigfile path + +--- + main.c | 16 +++++++++++++--- + 1 file changed, 13 insertions(+), 3 deletions(-) + +diff --git a/main.c b/main.c +index ebfdfb0..addbfb8 100644 +--- a/main.c ++++ b/main.c +@@ -26,11 +26,16 @@ + #include <fcntl.h> + #include <unistd.h> + #include <inttypes.h> ++#include <limits.h> + + #include "base64.h" + #include "edsign.h" + #include "ed25519.h" + ++#ifndef PATH_MAX ++#define PATH_MAX 4096 ++#endif ++ + struct pubkey { + char pkalg[2]; + uint8_t fingerprint[8]; +@@ -409,14 +414,19 @@ int main(int argc, char **argv) + } + + if (!sigfile && msgfile) { +- char *buf = alloca(strlen(msgfile) + 5); +- + if (!strcmp(msgfile, "-")) { + fprintf(stderr, "Need signature file when reading message from stdin\n"); + return 1; + } + +- sprintf(buf, "%s.sig", msgfile); ++ if ((strlen(msgfile) - 4) > PATH_MAX) ++ { ++ fprintf(stderr, "Need signature file when msgfile path is over %zd (PATH_MAX - 4)\n", (size_t)PATH_MAX); ++ return 1; ++ } ++ ++ static char buf[PATH_MAX]; ++ snprintf(buf, PATH_MAX, "%s.sig", msgfile); + sigfile = buf; + } + + +base-commit: f1f65026a94137c91b5466b149ef3ea3f20091e9 +-- +2.49.1 + diff --git a/make-root.sh b/make-root.sh @@ -135,6 +135,8 @@ if ! test "${EXCLUDE_EXTRAS:+y}" = "y"; then for i in $extra_local_files; do cp "${WORKDIR}/$i" ./"$i" || die "Failed copying $i" done + + patch -d ./extras/usign-*/ -p1 <"${WORKDIR}/extras/usign-patches/0001-Use-static-buffer-for-default-sigfile-path.patch" fi deblob -c || die