[U-Boot] [PATCH 0/4] Buffer overruns in printf

Albert ARIBAUD albert.u.boot at aribaud.net
Fri Sep 23 22:40:15 CEST 2011


Hi Simon,

Le 23/09/2011 19:38, Simon Glass a écrit :
> The printf family of functions in U-Boot cannot deal with a situation where
> the caller provides a buffer which turns out to be too small for the format
> string. This can result in buffer overflows, stack overflows and other bad
> behavior.

Indeed overruns can lead to bad behaviors, but in any case, it can never 
be recovered, because at the root, the problem is that the caller 
provided inconsistent arguments to printf.

So in essence, you're 'fixing' printf for a design error in printf's 
caller, instead of fixing the design error.

Amicalement,
-- 
Albert.


More information about the U-Boot mailing list