Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
tools: Ensure that kernelfile and kernelparams are null-terminated
Analogously to read_env(), ensure also when reading an environment from a specified file that those statically sized strings are properly terminated before accessing them. Prevents potential out-of-bounds read accesses in bg_printenv or bg_setenv. Addresses CVE-2023-39950 Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
- Loading branch information