From 4b6fe372c68d1ff50e7c161cffadeb298734f49c Mon Sep 17 00:00:00 2001
From: paulhsia <paulhsia@chromium.org>
Date: Sat, 30 Nov 2019 03:35:30 +0800
Subject: [PATCH 1/5] ucm: Use strncmp to avoid access-out-of-boundary

If the length of the identifier is less than the length of the prefix,
access-out-of-boundary will occur in memcmp().

Signed-off-by: paulhsia <paulhsia@chromium.org>
Signed-off-by: Jaroslav Kysela <perex@perex.cz>

Upstream-Status: Backport
Signed-off-by: Tanu Kaskinen <tanuk@iki.fi>
---
 src/ucm/main.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/src/ucm/main.c b/src/ucm/main.c
index b0b6ffb3..252e50d9 100644
--- a/src/ucm/main.c
+++ b/src/ucm/main.c
@@ -61,11 +61,13 @@ static int check_identifier(const char *identifier, const char *prefix)
 {
 	int len;
 
-	if (strcmp(identifier, prefix) == 0)
-		return 1;
 	len = strlen(prefix);
-	if (memcmp(identifier, prefix, len) == 0 && identifier[len] == '/')
+	if (strncmp(identifier, prefix, len) != 0)
+		return 0;
+
+	if (identifier[len] == 0 || identifier[len] == '/')
 		return 1;
+
 	return 0;
 }
 
-- 
2.20.1