[U-Boot] [PATCH 0/4] Buffer overruns in printf
Albert ARIBAUD
albert.u.boot at aribaud.net
Fri Sep 23 22:40:15 CEST 2011
Hi Simon,
Le 23/09/2011 19:38, Simon Glass a écrit :
> The printf family of functions in U-Boot cannot deal with a situation where
> the caller provides a buffer which turns out to be too small for the format
> string. This can result in buffer overflows, stack overflows and other bad
> behavior.
Indeed overruns can lead to bad behaviors, but in any case, it can never
be recovered, because at the root, the problem is that the caller
provided inconsistent arguments to printf.
So in essence, you're 'fixing' printf for a design error in printf's
caller, instead of fixing the design error.
Amicalement,
--
Albert.
More information about the U-Boot
mailing list