[U-Boot] [PATCH v2 0/3] Buffer overruns in printf

Simon Glass sjg at chromium.org
Mon Oct 10 21:22:28 CEST 2011


The printf family of functions in U-Boot cannot deal with a situation where
the caller provides a buffer which turns out to be too small for the format
string. This can result in buffer overflows, stack overflows and other bad
behavior.

This patch series tidies this up in the common vsprintf.c code.

You can find a discussion of the Linux / U-Boot licensing issues here:
http://patchwork.ozlabs.org/patch/116161/

Code Size Impact
----------------

(From Simon Glass <sjg at chromium.org>)
With my ARMv7 compiler (gcc-4.4.3_cos_gg_53174) the code size increase is
328 bytes, about a 10% increase in the code size of vsprintf.o.

The newly added functions (snprintf, vscnprintf, scnprintf) are a
total of 116 bytes.

The changes to number(), string() and vsprintf() to make them respect
an end pointer increase size by 80, 20 and 80 bytes respectively.

Total text size for existing vsprintf.o functions goes from 0xc10
(3088) to 0xd58 (3416), or 328 bytes. Of this, 116 bytes are the new
functions and the rest is dealing with the end pointer. There is no
data.

Changes in v2:
- Use sizeof(printbuffer) instead of CONFIG_SYS_PBSIZE
- Drop patch which changes network code to use snprintf()

Simon Glass (1):
  Add limits.h to hold basic limits

Sonny Rao (2):
  Add safe vsnprintf and snprintf library functions
  Make printf and vprintf safe from buffer overruns

 common/console.c |   10 +-
 fs/ubifs/ubifs.h |    4 +-
 include/common.h |    8 ++-
 include/limits.h |   40 +++++++
 lib/vsprintf.c   |  316 ++++++++++++++++++++++++++++++++++++++++++------------
 5 files changed, 302 insertions(+), 76 deletions(-)
 create mode 100644 include/limits.h

-- 
1.7.3.1
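
The end-pointer technique the cover letter describes for number(), string() and vsprintf(), shown as an added example that is not code from this patch series. All names here (struct out, emit_*, fmt_needed, fmt_stored) are hypothetical, and the two return conventions are assumed to follow the Linux kernel's snprintf() and scnprintf().

```c
#include <stddef.h>
/* Constructed illustration; these names are not from U-Boot's vsprintf.c. */
struct out {
	char *cur;        /* next byte to store */
	const char *end;  /* stores stop here; one byte is kept for the NUL */
	size_t needed;    /* length the complete output would have */
};
/* Store a byte only while below the end pointer, but always count it. */
static void emit_char(struct out *o, char c)
{
	if (o->cur < o->end)
		*o->cur++ = c;
	o->needed++;
}
static void emit_string(struct out *o, const char *s)
{
	while (*s)
		emit_char(o, *s++);
}
static void emit_number(struct out *o, unsigned long v)
{
	char tmp[3 * sizeof(v)];  /* room for every decimal digit of v */
	size_t n = 0;
	do {
		tmp[n++] = (char)('0' + v % 10);
		v /= 10;
	} while (v);
	while (n)
		emit_char(o, tmp[--n]);
}

/* snprintf-style result: length needed, which can exceed size (buf non-NULL). */
size_t fmt_needed(char *buf, size_t size, const char *key, unsigned long v)
{
	struct out o = { buf, buf + (size ? size - 1 : 0), 0 };
	emit_string(&o, key);
	emit_char(&o, '=');
	emit_number(&o, v);
	if (size)
		*o.cur = '\0';  /* cur never passes end, so this is in bounds */
	return o.needed;
}

/* scnprintf-style result: bytes actually stored, not counting the NUL. */
size_t fmt_stored(char *buf, size_t size, const char *key, unsigned long v)
{
	size_t needed = fmt_needed(buf, size, key, v);
	return size ? (needed < size ? needed : size - 1) : 0;
}
```

A caller that advances a write pointer by the return value should use the fmt_stored() convention, because the fmt_needed() value can point past the end of the buffer after truncation.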


