[U-Boot] [PATCH 2/2] image: Protect against overflow in unknown_msg()
Simon Glass
sjg at chromium.org
Fri Oct 28 03:51:57 CEST 2016
Hi Tom,
On 26 October 2016 at 14:49, Tom Rini <trini at konsulko.com> wrote:
> On Wed, Oct 26, 2016 at 01:19:12PM -0600, Simon Glass wrote:
>> Coverity complains that this can overflow. If we later increase the size
>> of one of the strings in the table, it could happen.
>>
>> Adjust the code to protect against this.
>>
>> Signed-off-by: Simon Glass <sjg at chromium.org>
>> Reported-by: Coverity (CID: 150964)
>> ---
>>
>> common/image.c | 3 ++-
>> 1 file changed, 2 insertions(+), 1 deletion(-)
>>
>> diff --git a/common/image.c b/common/image.c
>> index 0e86c13..dfd1779 100644
>> --- a/common/image.c
>> +++ b/common/image.c
>> @@ -584,13 +584,14 @@ const table_entry_t *get_table_entry(const table_entry_t *table, int id)
>> }
>> return NULL;
>> }
>> +#include <linux/string.h>
>>
>> static const char *unknown_msg(enum ih_category category)
>> {
>> static char msg[30];
>>
>> strcpy(msg, "Unknown ");
>> - strcat(msg, table_info[category].desc);
>> + strncat(msg, table_info[category].desc, sizeof(msg) - 1);
>>
>> return msg;
>> }
>
> We should add the include up top with the others :)
Ooops I left that in. It is not needed.
Regards,
Simon
More information about the U-Boot
mailing list