[U-Boot] [PATCH 1/3] serial-uclass.c: Copy at most sdev.name - 1 characters into the buffer
Tom Rini
trini at konsulko.com
Wed Dec 9 00:32:55 CET 2015
On Tue, Dec 08, 2015 at 12:35:18PM -0700, Simon Glass wrote:
> On 7 December 2015 at 20:26, Tom Rini <trini at konsulko.com> wrote:
> > Coverity notes that we do not ensure a NULL terminated string here as we
> > could fill the entire buffer with our strncpy call. Fix this by
> > subtracting one.
> >
> > Reported-by: Coverity (CID 131093)
> > Cc: Simon Glass <sjg at chromium.org>
> > Signed-off-by: Tom Rini <trini at konsulko.com>
> > ---
> > drivers/serial/serial-uclass.c | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
>
> Reviewed-by: Simon Glass <sjg at chromium.org>
>
> >
> > diff --git a/drivers/serial/serial-uclass.c b/drivers/serial/serial-uclass.c
> > index 842f78b..2ef82b0 100644
> > --- a/drivers/serial/serial-uclass.c
> > +++ b/drivers/serial/serial-uclass.c
> > @@ -324,7 +324,7 @@ static int serial_post_probe(struct udevice *dev)
> > return 0;
> > memset(&sdev, '\0', sizeof(sdev));
> >
> > - strncpy(sdev.name, dev->name, sizeof(sdev.name));
> > + strncpy(sdev.name, dev->name, sizeof(sdev.name) - 1);
>
> There is also strlcpy() if you want it.
Ah good. Yeah, I think I should v2 this patch and use strlcpy as
there's going to be many more of these I bet to come.
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20151208/545774f7/attachment.sig>
More information about the U-Boot
mailing list