The printf family of functions in U-Boot cannot deal with a situation where the caller provides a buffer which turns out to be too small for the format string. This can result in buffer overflows, stack overflows and other bad behavior.
This patch series tidies this up in the common vsprintf.c code, and also some network code (as an example of where this might lead).

Simon Glass (2):
  Add limits.h to hold basic limits
  Use snprintf() in network code

Sonny Rao (2):
  Add safe vsnprintf and snprintf library functions
  Make printf and vprintf safe from buffer overruns

 common/console.c |   10 +-
 fs/ubifs/ubifs.h |    4 +-
 include/common.h |    8 ++-
 include/limits.h |   40 +++++++
 lib/vsprintf.c   |  316 ++++++++++++++++++++++++++++++++++++++++++------------
 net/eth.c        |   10 ++-
 net/net.c        |   15 ++-
 net/nfs.c        |    3 +-
 net/tftp.c       |    3 +-
 9 files changed, 323 insertions(+), 86 deletions(-)
 create mode 100644 include/limits.h

--
1.7.3.1

_______________________________________________
U-Boot mailing list
U-Boot@lists.denx.de
http://lists.denx.de/mailman/listinfo/u-boot
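The failure mode the cover letter describes, and the bounded alternative, as an added example that is not code from this patch series. It assumes a hosted C99 vsnprintf() (returns the length the full output would have had); fmt_checked(), struct bootreq and build_name() are hypothetical names, and the file-name scenario is constructed.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: format into buf without ever writing more than
 * size bytes. Returns 0 if the whole string fitted, -1 if it was
 * truncated or formatting failed. buf is NUL-terminated either way. */
static int fmt_checked(char *buf, size_t size, const char *fmt, ...)
{
    va_list ap;
    int n;

    if (size == 0)
        return -1;
    va_start(ap, fmt);
    n = vsnprintf(buf, size, fmt, ap);   /* bounded, unlike vsprintf() */
    va_end(ap);
    if (n < 0) {
        buf[0] = '\0';
        return -1;
    }
    /* n is the untruncated length: n >= size means output was cut short. */
    return (size_t)n >= size ? -1 : 0;
}

#define NAME_LEN 16

/* Constructed layout: a fixed-size name field followed by other data.
 * With sprintf() a long directory would run past name[] into canary. */
struct bootreq {
    char name[NAME_LEN];
    unsigned int canary;
};

static struct bootreq req;

/* Build "<dir>/<ip as hex>.img" into the fixed field; the caller must
 * treat -1 as "name does not fit" rather than use the cut-off string. */
static int build_name(struct bootreq *r, const char *dir, unsigned int ip)
{
    r->canary = 0xC0FFEEu;
    return fmt_checked(r->name, sizeof(r->name), "%s/%08X.img", dir, ip);
}

int main(void)
{
    printf("%d %s\n", build_name(&req, "a", 0x0A000001u), req.name);
    printf("%d %s\n", build_name(&req, "/tftpboot/images", 0x0A000001u), req.name);
    return 0;
}
```

Truncation is reported rather than silently accepted because a cut-off file name or path is itself a bug the caller needs to handle.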