From 9e94a5eadcdbef406c22833b8afa9e380b698fdf Mon Sep 17 00:00:00 2001
From: Amaury Pouly <amaury.pouly@gmail.com>
Date: Sun, 12 Jan 2020 23:11:59 +0100
Subject: nwztools/scsitool: fix out of buffer access

Change-Id: Ib2c25dd21d39fda026e008950a805f032c916a72
---
 utils/nwztools/scsitools/scsitool.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

(limited to 'utils/nwztools')

diff --git a/utils/nwztools/scsitools/scsitool.c b/utils/nwztools/scsitools/scsitool.c
index 27fa3c7cc1..22983a4f08 100644
--- a/utils/nwztools/scsitools/scsitool.c
+++ b/utils/nwztools/scsitools/scsitool.c
@@ -710,8 +710,8 @@ int get_dev_info(int argc, char **argv)
     (void) argc;
     (void )argv;
     uint8_t cdb[12] = {0xfc, 0, 0x20, 'd', 'b', 'm', 'n', 0, 0x80, 0, 0, 0};
-    char buffer[80];
-    int buffer_size = 0x80;
+    char buffer[0x80];
+    int buffer_size = sizeof(buffer);
     uint8_t sense[32];
     int sense_size = 32;
 
@@ -724,7 +724,6 @@ int get_dev_info(int argc, char **argv)
         cprintf(GREY, "An error occured during request\n");
         return ret;
     }
-    buffer[buffer_size] = 0;
     cprintf_field("Raw device info:", "\n");
     print_hex(buffer, buffer_size);
     // the 16 first bytes are 'DEVINFO', 0x80, followed by zeroes
-- 
cgit v1.2.3