From 478b5675209ab0263b8271764ef85d8fc1faec42 Mon Sep 17 00:00:00 2001
From: Andrei Borzenkov <arvidjaar@gmail.com>
Date: Fri, 28 Nov 2014 20:39:22 +0300
Subject: [PATCH] grub-mkstandalone: out of bound access to tar header magic

Magic size is 6 bytes and we copied 7 bytes in it.

CID: 73587, 73888
Closes bug 43690
---
 ChangeLog                | 5 +++++
 util/grub-mkstandalone.c | 4 ++--
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 6fbec061d..930ceb20c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+2014-11-28  Andrei Borzenkov  <arvidjaar@gmail.com>
+
+	* util/grub-mkstandalone.c (add_tar_file): Fix out of bound access
+	to hd.magic (Coverity CID 73587, 73888, bug 43690).
+
 2014-11-20  Andrei Borzenkov  <arvidjaar@gmail.com>
 
 	* tests/util/grub-fs-tester.in: Consistently print output
diff --git a/util/grub-mkstandalone.c b/util/grub-mkstandalone.c
index 8e2a2b8c2..6017d7155 100644
--- a/util/grub-mkstandalone.c
+++ b/util/grub-mkstandalone.c
@@ -236,7 +236,7 @@ add_tar_file (const char *from,
       set_tar_value (hd.size, optr - tcn, 12);
       set_tar_value (hd.mtime, mtime, 12);
       hd.typeflag = 'L';
-      memcpy (hd.magic, "ustar  ", 7);
+      memcpy (hd.magic, MAGIC, sizeof (hd.magic));
       memcpy (hd.uname, "grub", 4);
       memcpy (hd.gname, "grub", 4);
 
@@ -266,7 +266,7 @@ add_tar_file (const char *from,
   set_tar_value (hd.size, size, 12);
   set_tar_value (hd.mtime, mtime, 12);
   hd.typeflag = '0';
-  memcpy (hd.magic, "ustar  ", 7);
+  memcpy (hd.magic, MAGIC, sizeof (hd.magic));
   memcpy (hd.uname, "grub", 4);
   memcpy (hd.gname, "grub", 4);