[U-Boot] [PATCH v3] cmd_mtdparts.c: prevent printbuffer overflows

Anatolij Gustschin agust at denx.de
Wed Feb 24 00:29:44 CET 2010


The length of configured MTDPARTS_DEFAULT string
could be greater than console printbuffer size.
Replace printf() by puts() to avoid potential buffer
overflows.

Signed-off-by: Anatolij Gustschin <agust at denx.de>
---
Changes since v2:
 - add comment explaining the reason for usage of puts().

Changes since v1:
 - use puts() instead of printf() as suggested by Wolfgang.

 common/cmd_mtdparts.c |   10 ++++++++--
 1 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/common/cmd_mtdparts.c b/common/cmd_mtdparts.c
index b375fea..20fed2a 100644
--- a/common/cmd_mtdparts.c
+++ b/common/cmd_mtdparts.c
@@ -1254,8 +1254,14 @@ static void list_partitions(void)
 	printf("\ndefaults:\n");
 	printf("mtdids  : %s\n",
 		mtdids_default ? mtdids_default : "none");
-	printf("mtdparts: %s\n",
-		mtdparts_default ? mtdparts_default : "none");
+	/*
+	 * Using printf() here results in printbuffer overflow
+	 * if default mtdparts string is greater than console
+	 * printbuffer. Use puts() to prevent system crashes.
+	 */
+	puts("mtdparts: ");
+	puts(mtdparts_default ? mtdparts_default : "none");
+	puts("\n");
 }
 
 /**
-- 
1.6.3.3



More information about the U-Boot mailing list