[U-Boot] fsl/sata: Replace sprintf() with snprintf()
Simon Glass
sjg at chromium.org
Fri May 29 03:34:06 CEST 2015
Hi,
On 28 May 2015 at 07:25, Tom Rini <trini at konsulko.com> wrote:
> On Wed, May 06, 2015 at 11:21:33AM +0800, tang yuantian wrote:
>
>> From: Tang Yuantian <Yuantian.Tang at freescale.com>
>>
>> Function 'sprintf' does not check buffer boundaries but outputs
>> to the buffer of fixed size which could potentially cause buffer
>> overflow. Use a safer function to replace it.
>>
>> Signed-off-by: Tang Yuantian <Yuantian.Tang at freescale.com>
>
> Applied to u-boot/master, thanks!
Just in case others miss it, you need to enable an option to make this
actually change something:
- Safe printf() functions
Define CONFIG_SYS_VSNPRINTF to compile in safe versions of
the printf() functions. These are defined in
include/vsprintf.h and include snprintf(), vsnprintf() and
so on. Code size increase is approximately 300-500 bytes.
If this option is not given then these functions will
silently discard their buffer size argument - this means
you are not getting any overflow checking in this case.
Regards,
Simon
More information about the U-Boot
mailing list