tools: kwboot: Fix buffer overflow in kwboot_terminal() The `in` variable is set to -1 in kwboot_terminal() if stdin is not a tty. In this case we should not look whether -1 is set in fd_set, for it can lead to a buffer overflow, which can be reproduced with echo "xyz" | ./tools/kwboot -t /dev/ttyUSB0 Signed-off-by: Marek Behún <marek.behun@nic.cz> Reviewed-by: Stefan Roese <sr@denx.de>

commit: 4eb55deb77b75c655ebf74d07410640678b68d61 [log] [tgz]
author: Marek Behún <marek.behun@nic.cz> Fri Sep 24 23:06:39 2021 +0200
committer: Stefan Roese <sr@denx.de> Fri Oct 01 11:07:13 2021 +0200
tree: b382d08855827a61eb5eb53b670f9d4357801c17
parent: f7b7f7c6ccf602ed550e4dbbc07e3570b0106a9f [diff]
diff --git a/tools/kwboot.c b/tools/kwboot.c
index 7feeaa4..e6e9984 100644
--- a/tools/kwboot.c
+++ b/tools/kwboot.c

@@ -552,7 +552,7 @@
 				break;
 		}
 
-		if (FD_ISSET(in, &rfds)) {
+		if (in >= 0 && FD_ISSET(in, &rfds)) {
 			rc = kwboot_term_pipe(in, tty, quit, &s);
 			if (rc)
 				break;
commit	4eb55deb77b75c655ebf74d07410640678b68d61	[log] [tgz]
author	Marek Behún <marek.behun@nic.cz>	Fri Sep 24 23:06:39 2021 +0200
committer	Stefan Roese <sr@denx.de>	Fri Oct 01 11:07:13 2021 +0200
tree	b382d08855827a61eb5eb53b670f9d4357801c17
parent	f7b7f7c6ccf602ed550e4dbbc07e3570b0106a9f [diff]