From 663b3208682297eccbcdd160f4e36c998ef4d40c Mon Sep 17 00:00:00 2001
From: Jarrod Johnson
Date: Fri, 7 Jun 2024 12:43:15 -0400
Subject: [PATCH] Add more bounds checking in copernicus
---
 confluent_osdeploy/utils/copernicus.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/confluent_osdeploy/utils/copernicus.c b/confluent_osdeploy/utils/copernicus.c
index 9c8ace60..526c06d2 100644
--- a/confluent_osdeploy/utils/copernicus.c
+++ b/confluent_osdeploy/utils/copernicus.c
@@ -31,6 +31,8 @@ int add_uuid(char* destination, int maxsize) {
 strncpy(destination, "/uuid=", maxsize);
 uuidsize = read(uuidf, destination + 6, maxsize - 6);
 close(uuidf);
+ if (uuidsize < 0) { return 0; }
+ if (uuidsize > 524288) { return 0; }
 if (destination[uuidsize + 5] == '\n') {
 destination[uuidsize + 5 ] = 0;
 }
@@ -42,9 +44,11 @@ int add_confluent_uuid(char* destination, int maxsize) {
 int uuidsize;
 uuidf = open("/confluent_uuid", O_RDONLY);
 if (uuidf < 0) { return 0; }
- strncpy(destination, "/confluentuuid=", maxsize);
 uuidsize = read(uuidf, destination + 15, maxsize - 15);
 close(uuidf);
+ if (uuidsize < 0) { return 0; }
+ if (uuidsize > 524288) { return 0; }
+ strncpy(destination, "/confluentuuid=", maxsize);
 if (destination[uuidsize + 14] == '\n') {
 destination[uuidsize + 14] = 0;
 }
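Review bot: The two checks added to add_uuid run after the read() and are unrelated to `maxsize`, so they do not bound the write into `destination`. The count `maxsize - 6` is converted to size_t, so a buffer shorter than 6 bytes yields a very large read length, and the constant 524288 cannot catch that because read() never returns more than it was asked for. A guard ahead of the strncpy, `if (maxsize <= 6) { return 0; }`, would bound the write itself; the magic constant could then be dropped or replaced by a named limit with a comment saying what it protects. The same applies to add_confluent_uuid in the second hunk, with 15 in place of 6. Both function bodies begin and end outside their hunks, so a guarantee on `maxsize` may exist that is not visible here.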
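Review bot: Moving the strncpy below the read() in add_confluent_uuid erases the data that was just read. strncpy pads the destination with NUL bytes up to `maxsize` when the source is shorter, so for any `maxsize` above 15 the bytes at `destination + 15` are overwritten with zeros. The newline test on `destination[uuidsize + 14]` then sees a zero byte instead of the file's trailing newline, and the caller presumably ends up with only the prefix. Either keep the copy ahead of the read, as add_uuid does, or write just the prefix after the checks with `memcpy(destination, "/confluentuuid=", 15);` once `maxsize > 15` has been confirmed. The function continues past the end of the hunk, so its return value is not visible here.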