The source project of this merge request has been removed.
Closed requested to merge (removed):master into master
The function uuid_or_device is prone to a buffer overflow if a very long spec has been defined. The range check happens against PATH_MAX, with i being set to 5 (due to "UUID=" offset of spec), but "/dev/disk/by-uuid" has already been written into device.
The difference between "/dev/disk/by-uuid" and "UUID=" is 13, therefore the correct range check must happen against PATH_MAX - 13. @@ -204,7 +204,7 @@ const char *uuid_or_device(const char *spec) strcpy(device, "/dev/disk/by-uuid/");
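Review bot: the bare 13 should be derived from the two prefix literals instead of being hard-coded, at the range check that follows the `strcpy(device, "/dev/disk/by-uuid/");` context line. The value only holds for the 18-byte literal with its trailing slash as it appears in that line (18 - 5 = 13); the description quotes the path without the slash, which would give 12, so a later edit to either string silently invalidates the bound. Something like `(sizeof("/dev/disk/by-uuid/") - 1) - (sizeof("UUID=") - 1)` keeps the check tied to the strings. The hunk as shown here is cut off after the context line, so please also confirm in the changed comparison that the terminating NUL still fits inside device at the maximum accepted length, and consider adding a test with an over-long UUID= spec.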
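The index arithmetic from the description above, as an added example that is not code from the project or from this merge request. It assumes a copy loop whose index walks spec from offset 5 and is compared against a limit after each increment; `BUF_MAX`, `nul_index` and `build_device` are hypothetical names, and the second function goes beyond the patch by bounding the output length directly and rejecting over-long input.

```c
#include <stdio.h>
#include <string.h>

#define BUF_MAX     64                          /* small stand-in for PATH_MAX (assumption) */
#define SPEC_PREFIX "UUID="
#define DEV_PREFIX  "/dev/disk/by-uuid/"
#define SPEC_OFF    (sizeof(SPEC_PREFIX) - 1)   /* 5 */
#define DEV_OFF     (sizeof(DEV_PREFIX) - 1)    /* 18 */
#define SHIFT       (DEV_OFF - SPEC_OFF)        /* 13 */

/* Model of the assumed copy loop: i indexes spec starting at SPEC_OFF and is
 * checked against `limit` after each increment, while the output position
 * starts at DEV_OFF. Returns the output index where the terminating NUL
 * would be stored. No buffer is touched, so the overflow is only computed. */
size_t nul_index(size_t spec_len, size_t limit)
{
    size_t i = SPEC_OFF, out = DEV_OFF;

    while (i < spec_len && ++i < limit)
        out++;
    return out;
}

/* Hardened variant (a design choice of this example): check the output
 * length against the real buffer size and reject instead of truncating. */
int build_device(const char *spec, char *out, size_t out_size)
{
    size_t n;

    if (!spec || strncmp(spec, SPEC_PREFIX, SPEC_OFF) != 0)
        return -1;
    n = strlen(spec + SPEC_OFF);
    if (out_size <= DEV_OFF || n > out_size - DEV_OFF - 1)
        return -1;
    memcpy(out, DEV_PREFIX, DEV_OFF);
    memcpy(out + DEV_OFF, spec + SPEC_OFF, n + 1);   /* n + 1 copies the NUL */
    return 0;
}

int main(void)
{
    char buf[BUF_MAX];

    printf("bound BUF_MAX:         NUL at index %zu of a %d-byte buffer\n",
           nul_index(200, BUF_MAX), BUF_MAX);
    printf("bound BUF_MAX - SHIFT: NUL at index %zu\n",
           nul_index(200, BUF_MAX - SHIFT));
    if (build_device("UUID=1234-abcd", buf, sizeof buf) == 0)   /* constructed input */
        puts(buf);
    return 0;
}
```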