Re: [U-Boot] [PATCH 1/1] siemens: avoid out of bound access
On Thu, Aug 22, 2019 at 09:58:26PM +0200, Heinrich Schuchardt wrote: > char num[1]; > sprintf(num, "%d", i); > > leads to a buffer overrun. > > Simplify the overly complex coding. > > Signed-off-by: Heinrich Schuchardt > Reviewed-by: Bin Meng > Acked-by: Heiko Schocher Applied to u-boot/master, thanks! -- Tom signature.asc Description: PGP signature ___ U-Boot mailing list U-Boot@lists.denx.de https://lists.denx.de/listinfo/u-boot
Re: [U-Boot] [PATCH 1/1] siemens: avoid out of bound access
Hello Heinrich, Am 22.08.2019 um 21:58 schrieb Heinrich Schuchardt: char num[1]; sprintf(num, "%d", i); leads to a buffer overrun. Simplify the overly complex coding. Signed-off-by: Heinrich Schuchardt --- board/siemens/common/board.c | 5 + 1 file changed, 1 insertion(+), 4 deletions(-) Thanks! Acked-by: Heiko Schocher bye, Heiko -- DENX Software Engineering GmbH, Managing Director: Wolfgang Denk HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany Phone: +49-8142-66989-52 Fax: +49-8142-66989-80 Email: h...@denx.de ___ U-Boot mailing list U-Boot@lists.denx.de https://lists.denx.de/listinfo/u-boot
Re: [U-Boot] [PATCH 1/1] siemens: avoid out of bound access
On Fri, Aug 23, 2019 at 3:59 AM Heinrich Schuchardt wrote: > > char num[1]; > sprintf(num, "%d", i); > > leads to a buffer overrun. > > Simplify the overly complex coding. > > Signed-off-by: Heinrich Schuchardt > --- > board/siemens/common/board.c | 5 + > 1 file changed, 1 insertion(+), 4 deletions(-) > Reviewed-by: Bin Meng ___ U-Boot mailing list U-Boot@lists.denx.de https://lists.denx.de/listinfo/u-boot
[U-Boot] [PATCH 1/1] siemens: avoid out of bound access
char num[1];
sprintf(num, "%d", i);
leads to a buffer overrun.
Simplify the overly complex coding.
Signed-off-by: Heinrich Schuchardt
---
board/siemens/common/board.c | 5 +
1 file changed, 1 insertion(+), 4 deletions(-)
diff --git a/board/siemens/common/board.c b/board/siemens/common/board.c
index 676935a843..75462d1c34 100644
--- a/board/siemens/common/board.c
+++ b/board/siemens/common/board.c
@@ -189,14 +189,11 @@ void set_env_gpios(unsigned char state)
{
char *ptr_env;
char str_tmp[5];/* must contain "ledX"*/
- char num[1];
unsigned char i, idx, pos1, pos2, ccount;
unsigned char gpio_n, gpio_s0, gpio_s1;
for (i = 0; i < MAX_NR_LEDS; i++) {
- strcpy(str_tmp, "led");
- sprintf(num, "%d", i);
- strcat(str_tmp, num);
+ sprintf(str_tmp, "led%d", i);
/* If env var is not found we stop */
ptr_env = env_get(str_tmp);
--
2.20.1
___
U-Boot mailing list
U-Boot@lists.denx.de
https://lists.denx.de/listinfo/u-boot
