[U-Boot] [PATCH] fixing wrong termination of string
Simon Glass
sjg at chromium.org
Sun Jul 21 22:07:52 CEST 2013
On Fri, Jul 19, 2013 at 12:31 PM, Rossier Daniel <Daniel.Rossier at heig-vd.ch> wrote:
> Hi,
>
> I discovered a small bug in lib/vsprintf.c which leads to an "Access
> violation(2)" when I tried to tftp a file, in QEMU.
> If CONFIG_SYS_VSNPRINTF is set, the str pointer is incremented even if str
> reached the end of string (str == end) because of ADDCH.
> This leads to a wrong length of string and causes the problem.
> Here is the patch:
>
> diff --git a/lib/vsprintf.c b/lib/vsprintf.c
> index 82e5c13..2ba8126 100644
> --- a/lib/vsprintf.c
> +++ b/lib/vsprintf.c
> @@ -747,8 +747,9 @@ repeat:
> #ifdef CONFIG_SYS_VSNPRINTF
> if (size > 0) {
> - ADDCH(str, '\0');
> - if (str > end)
> + if (str < end)
> + *str = '\0';
> + else
> end[-1] = '\0';
>
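Review bot: the `else` branch writing `end[-1] = '\0';` carries no comment saying that it appears to rely on the enclosing `if (size > 0)` for there to be at least one byte before `end`, and the replacement of `ADDCH(str, '\0')` does not say that `str` is now deliberately left unadvanced. A short comment above `if (str < end)` covering both would help, since the description attributes the wrong string length to that increment. The commit message should also state whether the length seen by callers changes in the non-truncated case, where `ADDCH` previously advanced `str` past the terminator as well.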
This is good - but can I suggest going a little further, maybe:
+ if (str < end)
> + *str = '\0';
> + else if (end > buf)
> end[-1] = '\0';
>
since I think it is actually valid to call this function with a size of 0,
perhaps to find out the length that would be produced.
Regards,
Simon