[U-Boot] [PATCH 0/4] Buffer overruns in printf

Simon Glass sjg at chromium.org
Fri Sep 23 19:38:48 CEST 2011


The printf family of functions in U-Boot cannot deal with a situation where
the caller provides a buffer which turns out to be too small for the format
string. This can result in buffer overflows, stack overflows and other bad
behavior.

This patch series tidies this up in the common vsprintf.c code, and also
some network code (as an example of where this might lead).


Simon Glass (2):
  Add limits.h to hold basic limits
  Use snprintf() in network code

Sonny Rao (2):
  Add safe vsnprintf and snprintf library functions
  Make printf and vprintf safe from buffer overruns

 common/console.c |   10 +-
 fs/ubifs/ubifs.h |    4 +-
 include/common.h |    8 ++-
 include/limits.h |   40 +++++++
 lib/vsprintf.c   |  316 ++++++++++++++++++++++++++++++++++++++++++------------
 net/eth.c        |   10 ++-
 net/net.c        |   15 ++-
 net/nfs.c        |    3 +-
 net/tftp.c       |    3 +-
 9 files changed, 323 insertions(+), 86 deletions(-)
 create mode 100644 include/limits.h

-- 
1.7.3.1



More information about the U-Boot mailing list