summaryrefslogtreecommitdiffstats
path: root/tools
diff options
context:
space:
mode:
authorGravatar Nikias Bassen2024-07-01 18:27:27 +0200
committerGravatar Nikias Bassen2024-07-01 18:27:27 +0200
commit2a0a6d57df3791419dfcda070d9ba6189f518bd5 (patch)
tree417d2e7d5d032f54d4d176c0e21ca009be1380a0 /tools
parentd1a98e0910959fbdb3357461debfbf8a1df96945 (diff)
downloadlibimobiledevice-2a0a6d57df3791419dfcda070d9ba6189f518bd5.tar.gz
libimobiledevice-2a0a6d57df3791419dfcda070d9ba6189f518bd5.tar.bz2
tools: Fix heap buffer overflow in ideviceimagemounter
Diffstat (limited to 'tools')
-rw-r--r--tools/ideviceimagemounter.c7
1 files changed, 5 insertions, 2 deletions
diff --git a/tools/ideviceimagemounter.c b/tools/ideviceimagemounter.c
index 52b0666..511583e 100644
--- a/tools/ideviceimagemounter.c
+++ b/tools/ideviceimagemounter.c
@@ -377,8 +377,11 @@ int main(int argc, char **argv)
fprintf(stderr, "Error opening signature file '%s': %s\n", image_sig_path, strerror(errno));
goto leave;
}
- fstat(fileno(f), &fst);
- sig = malloc(sig_length);
+ if (fstat(fileno(f), &fst) != 0) {
+ fprintf(stderr, "Error: fstat: %s\n", strerror(errno));
+ goto leave;
+ }
+ sig = malloc(fst.st_size);
sig_length = fread(sig, 1, fst.st_size, f);
fclose(f);
if (sig_length == 0) {