[U-Boot] [PATCH 0/4] Buffer overruns in printf
Simon Glass
sjg at chromium.org
Mon Sep 26 19:30:37 CEST 2011
Hi Wolfgang,
On Sun, Sep 25, 2011 at 1:04 PM, Wolfgang Denk <wd at denx.de> wrote:
> Dear Simon Glass,
>
> In message <1316799532-20761-1-git-send-email-sjg at chromium.org> you wrote:
>> The printf family of functions in U-Boot cannot deal with a situation where
>> the caller provides a buffer which turns out to be too small for the format
>> string. This can result in buffer overflows, stack overflows and other bad
>> behavior.
>>
>> This patch series tidies this up in the common vsprintf.c code, and also
>> some network code (as an example of where this might lead).
>
> What's the impact of this patch set on the memory footprint of typical
> configurations?
Good question. The short answer with my ARMv7 compiler
(gcc-4.4.3_cos_gg_53174) is 328 bytes, about 10% increase to code size
vsprintf.o.
The newly added functions (snprintf, vscnprintf, scnprintf) are a
total of 116 bytes.
The changes to number(), string() and vsprintf() to make them respect
an end pointer increase size by 80, 20 and 80 bytes respectively.
Total text size for existing vsprintf.o functions goes from 0xc10
(3088) to 0xd58 (3416), or 328 bytes. Of this 116 bytes is the new
functions and the rest is dealing with the end pointer. There is no
data.
Regards,
Simon
>
> Best regards,
>
> Wolfgang Denk
>
> --
> DENX Software Engineering GmbH, MD: Wolfgang Denk & Detlev Zundel
> HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
> Phone: (+49)-8142-66989-10 Fax: (+49)-8142-66989-80 Email: wd at denx.de
> Nail here --X-- for new monitor.
>
More information about the U-Boot
mailing list