tools: kwboot: Fix buffer overflow in kwboot_terminal()

The `in` variable is set to -1 in kwboot_terminal() if stdin is not a tty. In this case we should not look whether -1 is set in fd_set, for it can lead to a buffer overflow, which can be reproduced with echo "xyz" | ./tools/kwboot -t /dev/ttyUSB0 Signed-off-by: Marek Behún <[email protected]> Reviewed-by: Stefan Roese <[email protected]>
author: Marek Behún <[email protected]> 2021-09-24 23:06:39 +0200
committer: Stefan Roese <[email protected]> 2021-10-01 11:07:13 +0200
commit: f30cb0d3b9fd2d7c51339404ddaeae53ba9b90f9 (patch)
tree: b382d08855827a61eb5eb53b670f9d4357801c17
parent: 3b5da64edfdc013b105573a20871659d37ab53de (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/tools/kwboot.c b/tools/kwboot.c
index 7feeaa45a22..e6e99849a79 100644
--- a/tools/kwboot.c
+++ b/tools/kwboot.c
@@ -552,7 +552,7 @@ kwboot_terminal(int tty)
 				break;
 		}
 
-		if (FD_ISSET(in, &rfds)) {
+		if (in >= 0 && FD_ISSET(in, &rfds)) {
 			rc = kwboot_term_pipe(in, tty, quit, &s);
 			if (rc)
 				break;
author	Marek Behún <[email protected]>	2021-09-24 23:06:39 +0200
committer	Stefan Roese <[email protected]>	2021-10-01 11:07:13 +0200
commit	f30cb0d3b9fd2d7c51339404ddaeae53ba9b90f9 (patch)
tree	b382d08855827a61eb5eb53b670f9d4357801c17
parent	3b5da64edfdc013b105573a20871659d37ab53de (diff)